ASA-201905-7 generated external raw

[ASA-201905-7] perl-email-address: denial of service
Arch Linux Security Advisory ASA-201905-7 ========================================= Severity: Low Date : 2019-05-06 CVE-ID : CVE-2018-12558 Package : perl-email-address Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-722 Summary ======= The package <a href="/package/perl-email-address">perl-email-address</a> before version 1.912-1 is vulnerable to denial of service. Resolution ========== Upgrade to 1.912-1. # pacman -Syu "perl-email-address>=1.912-1" The problem has been fixed upstream in version 1.912. Workaround ========== None. Description =========== <a href="/package/perl-email-address">perl-email-address</a> 1.909 is vulnerable to Algorithm Complexity problem and can cause Denial of Service when attacker prepares specially crafted input. Impact ====== A remote attacker can cause a denial of service via specially crafted input. References ========== https://github.com/Perl-Email-Project/Email-Address/issues/19 http://www.openwall.com/lists/oss-security/2018/06/19/3 https://security.archlinux.org/CVE-2018-12558