Login
Newsletter
Werbung

Sicherheit: Denial of Service in Perl
Aktuelle Meldungen Distributionen
Name: Denial of Service in Perl
ID: FEDORA-2011-15276
Distribution: Fedora
Plattformen: Fedora 16
Datum: So, 13. November 2011, 08:51
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2728
Applikationen: Perl

Originalnachricht

Name        : perl
Product : Fedora 16
Version : 5.14.2
Release : 190.fc16
URL : http://www.perl.org/
Summary : Practical Extraction and Report Language
Description :
Perl is a high-level programming language with roots in C, sed, awk and she=
ll
scripting. Perl is good at handling processes and files, and is especially
good at handling text. Perl's hallmarks are practicality and efficiency.
While it is used to do a lot of different things, Perl's most common
applications are system administration utilities and web programming. A la=
rge
proportion of the CGI scripts on the web are written in Perl. You need the
perl package installed on your system so that your system can handle Perl
scripts.

Install this package if you want to program in Perl or enable your system to
handle Perl scripts.

---------------------------------------------------------------------------=
-----
Update Information:

Rebase to bugfixing version 5.14.2 and various fixes (see package changelog=
since 4:5.14.2-189 version including for more details).
---------------------------------------------------------------------------=
-----
ChangeLog:

* Thu Nov 3 2011 Petr Pisar <ppisar@redhat.com> - 4:5.14.2-190
- Provide perl(DB) by perl
* Wed Nov 2 2011 Petr Pisar <ppisar@redhat.com> - 4:5.14.2-189
- Correct perl-CGI list of Provides
- Make tests optional
- Correct perl-ExtUtils-ParseXS Provides
- Correct perl-Locale-Codes Provides
- Correct perl-Module-CoreList version
- Automate perl-Test-Simple-tests Requires version
- 5.14.2 bump (see
https://metacpan.org/module/FLORA/perl-5.14.2/pod/perldelta.pod for relea=
se
notes).
- Fixes panics when processing regular expression with \b class and /aa
modifier (bug #731062)
- Fixes CVE-2011-2728 (File::Glob bsd_glob() crash with certain glob flags)
(bug #742987)
- Filter false perl(DynaLoader) provide from perl-ExtUtils-MakeMaker
(bug #736714)
- Change Perl_repeatcpy() prototype to allow repeat count above 2^31
(bug #720610)
- Do not own site directories located in /usr/local (bug #732799)
- cleaned spec (thanks to Grigory Batalov)
- Module-Metadata sub-package contained perl_privlib instead of privlib
- %files parent section was repeated twice
---------------------------------------------------------------------------=
-----
References:

[ 1 ] Bug #731062 - Perl 5.14 panics when processing regular expression w=
ith \b class and /aa modifier
https://bugzilla.redhat.com/show_bug.cgi?id=3D731062
[ 2 ] Bug #742987 - CVE-2011-2728 perl: File::Glob bsd_glob() crash with =
certain glob flags
https://bugzilla.redhat.com/show_bug.cgi?id=3D742987
[ 3 ] Bug #736714 - perl-ExtUtils-MakeMaker provides perl(DynaLoader)?!
https://bugzilla.redhat.com/show_bug.cgi?id=3D736714
[ 4 ] Bug #720610 - [PATCH] large string repeat count causes heap corrupt=
ion
https://bugzilla.redhat.com/show_bug.cgi?id=3D720610
[ 5 ] Bug #732799 - perl rpm attempts writing to /usr/local
https://bugzilla.redhat.com/show_bug.cgi?id=3D732799
---------------------------------------------------------------------------=
-----

This update can be installed with the "yum" update program. Use =

su -c 'yum update perl' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on t=
he
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
---------------------------------------------------------------------------=
-----
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Gewinnspiel
Neue Nachrichten
Werbung