Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Zwei Probleme in Perl
Aktuelle Meldungen Distributionen
Name: Zwei Probleme in Perl
ID: FEDORA-2017-7ae07e9f1f
Distribution: Fedora
Plattformen: Fedora 27
Datum: Mo, 2. Oktober 2017, 18:40
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12883
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12837

Originalnachricht

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2017-7ae07e9f1f
2017-10-02 14:21:47.661570
-------------------------------------------------------------------------------
-

Name : perl
Product : Fedora 27
Version : 5.26.1
Release : 401.fc27
URL : http://www.perl.org/
Summary : Practical Extraction and Report Language
Description :
Perl is a high-level programming language with roots in C, sed, awk and shell
scripting. Perl is good at handling processes and files, and is especially
good at handling text. Perl's hallmarks are practicality and efficiency.
While it is used to do a lot of different things, Perl's most common
applications are system administration utilities and web programming.

This is a metapackage with all the Perl bits and core modules that can be
found in the upstream tarball from perl.org.

If you need only a specific feature, you can install a specific package
instead. E.g. to handle Perl scripts with /usr/bin/perl interpreter,
install perl-interpreter package. See perl-interpreter description for more
details on the Perl decomposition into packages.

-------------------------------------------------------------------------------
-
Update Information:

Update perl(:MODULE_COMPAT_*) ---- Security fix for CVE-2017-12837
CVE-2017-12883 (see <http://search.cpan.org/dist/perl-5.26.1/pod/perldelta.pod>)
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1492091 - CVE-2017-12837 perl: Heap buffer overflow in regular
expression compiler
https://bugzilla.redhat.com/show_bug.cgi?id=1492091
[ 2 ] Bug #1492093 - CVE-2017-12883 perl: Buffer over-read in regular
expression parser
https://bugzilla.redhat.com/show_bug.cgi?id=1492093
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade perl' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung