Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Mangelnde Eingabeprüfung in Perl
Aktuelle Meldungen Distributionen
Name: Mangelnde Eingabeprüfung in Perl
ID: FEDORA-2016-5d4fc5ecc9
Distribution: Fedora
Plattformen: Fedora 23
Datum: Fr, 4. März 2016, 07:59
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2381

Originalnachricht

Name        : perl
Product : Fedora 23
Version : 5.22.1
Release : 351.fc23
URL : http://www.perl.org/
Summary : Practical Extraction and Report Language
Description :
Perl is a high-level programming language with roots in C, sed, awk and shell
scripting. Perl is good at handling processes and files, and is especially
good at handling text. Perl's hallmarks are practicality and efficiency.
While it is used to do a lot of different things, Perl's most common
applications are system administration utilities and web programming.

Install this package if you want to program in Perl or enable your system to
handle Perl scripts with /usr/bin/perl interpreter.

If your script requires some Perl modules, you can install them with
"perl(MODULE)" where "MODULE" is a name of required module.
E.g. install
"perl(Test::More)" to make Test::More Perl module available.

If you need all the Perl modules that come with upstream Perl sources, so
called core modules, install perl-core package.

If you only need perl run-time as a shared library, i.e. Perl interpreter
embedded into another application, the only essential package is perl-libs.

Perl header files can be found in perl-devel package.

-------------------------------------------------------------------------------
-
Update Information:

Fix manipulating environment variables to align with how glibc handles
duplicated environment variables. Perl now uses the first variable listed in
the
environment array and it removes any subsequent entries of the same-named
variable from the array, so that child processes have only one variable
instance
in its environment.
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1309214 - CVE-2016-2381 perl: ambiguous environment variables
handling
https://bugzilla.redhat.com/show_bug.cgi?id=1309214
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update perl' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung