Perl CVE-2013-1667 Input Rehashing Denial of Service Vulnerability

Posted by tshearn on 2013-04-19 07:37

Does this apply to active perl I know that it applies to the more generic version of Perl 5.14.x. Will ActiveState release a product specific patch to address this issue?

ActiveState Staff
Mon, 2013-04-22 09:08

ActivePerl and were released 21-Mar-2013 with the patches for this CVE.

The problem is in core Perl. It is not patchable without moving to a newer Perl.