CVE-2017-12814: $ENV{$key} stack buffer overflow on Windows
A possible stack buffer overflow in the %ENV code on Windows has been
fixed by removing the buffer completely since it was superfluous anyway.
CVE-2017-12837: Heap buffer overflow in regular expression compiler
Compiling certain regular expression patterns with the case-insensitive
modifier could cause a heap buffer overflow and crash perl. This has now
been fixed.
CVE-2017-12883: Buffer over-read in regular expression parser
For certain types of syntax error in a regular expression pattern, the
error message could either contain the contents of a random, possibly
large, chunk of memory, or could crash perl. This has now been fixed.