6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:N/I:N/A:C
0.014 Low
EPSS
Percentile
86.6%
CentOS Errata and Security Advisory CESA-2013:0122
Tcl (Tool Command Language) provides a powerful platform for creating
integration applications that tie together diverse applications, protocols,
devices, and frameworks. When paired with the Tk toolkit, Tcl provides a
fast and powerful way to create cross-platform GUI applications.
Two denial of service flaws were found in the Tcl regular expression
handling engine. If Tcl or an application using Tcl processed a
specially-crafted regular expression, it would lead to excessive CPU and
memory consumption. (CVE-2007-4772, CVE-2007-6067)
This update also fixes the following bug:
All users of Tcl are advised to upgrade to these updated packages, which
contain backported patches to correct these issues.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2013-January/081330.html
https://lists.centos.org/pipermail/centos-cr-announce/2013-January/026720.html
Affected packages:
tcl
tcl-devel
tcl-html
Upstream details at:
https://access.redhat.com/errata/RHSA-2013:0122
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 5 | i386 | tcl | < 8.4.13-6.el5 | tcl-8.4.13-6.el5.i386.rpm |
CentOS | 5 | i386 | tcl-devel | < 8.4.13-6.el5 | tcl-devel-8.4.13-6.el5.i386.rpm |
CentOS | 5 | i386 | tcl-html | < 8.4.13-6.el5 | tcl-html-8.4.13-6.el5.i386.rpm |
CentOS | 5 | i386 | tcl | < 8.4.13-6.el5 | tcl-8.4.13-6.el5.i386.rpm |
CentOS | 5 | x86_64 | tcl | < 8.4.13-6.el5 | tcl-8.4.13-6.el5.x86_64.rpm |
CentOS | 5 | i386 | tcl-devel | < 8.4.13-6.el5 | tcl-devel-8.4.13-6.el5.i386.rpm |
CentOS | 5 | x86_64 | tcl-devel | < 8.4.13-6.el5 | tcl-devel-8.4.13-6.el5.x86_64.rpm |
CentOS | 5 | x86_64 | tcl-html | < 8.4.13-6.el5 | tcl-html-8.4.13-6.el5.x86_64.rpm |
CentOS | 5 | i386 | tcl | < 8.4.13-6.el5 | tcl-8.4.13-6.el5.i386.rpm |
CentOS | 5 | i386 | tcl-devel | < 8.4.13-6.el5 | tcl-devel-8.4.13-6.el5.i386.rpm |