[UCI-Linux] [SECURITY] Fedora Core 3 Update: perl-5.8.5-18.FC3

Mike Iglesias iglesias at draco.acs.uci.edu
Thu Dec 1 16:26:02 PST 2005


From: "Jason Vas Dias" <jvdias at redhat.com>
To: fedora-announce-list at redhat.com
Date: Thu, 1 Dec 2005 19:01:15 -0500
Subject: [SECURITY] Fedora Core 3 Update: perl-5.8.5-18.FC3

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-1116
2005-12-01
---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : perl
Version     : 5.8.5                      
Release     : 18.FC3                  
Summary     : The Perl programming language.
Description :
Perl is a high-level programming language with roots in C, sed, awk
and shell scripting.  Perl is good at handling processes and files,
and is especially good at handling text.  Perl's hallmarks are
practicality and efficiency.  While it is used to do a lot of
different things, Perl's most common applications are system
administration utilities and web programming.  A large proportion of
the CGI scripts on the web are written in Perl.  You need the perl
package installed on your system so that your system can handle Perl
scripts.

Install this package if you want to program in Perl or enable your
system to handle Perl scripts.

---------------------------------------------------------------------
Update Information:

Fixes security vulnerabilites:
  CVE-2005-3962:
http://marc.theaimsgroup.com/?l=full-disclosure&m=113342788118630&w=2
CVE-2005-3912:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3912
CVE-2005-0452:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0452
CVE-2004-0976:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0976
---------------------------------------------------------------------
* Thu Dec  1 2005 Jason Vas Dias <jvdias at redhat.com> - 3:5.8.5-18.FC3
- fix bug 174683 / CVE-2005-3962: sprintf integer overflow vulnerability
  backport upstream patch #26240

* Wed Nov  9 2005 Jason Vas Dias <jvdias at redhat.com> - 3:5.8.5-17
- fix bug 136009: restore MakeMaker support for LD_RUN_PATH, 
  while removing empty LD_RUN_PATH

* Tue Nov  8 2005 Jason Vas Dias <jvdias at redhat.com> - 3:5.8.5-17
- fix CAN-2004-0976: insecure use of temporary files

* Wed Nov  2 2005 Jason Vas Dias <jvdias at redhat.com> - 3:5.8.5-17
- fix bug 164772: panic (crash) on invalid UTF-8 in Encode.xs
- fix bug 172327 / upstream bug 37056: backport upstream patch 25084:
  prevent realloc recursion on nss get* ERANGE errno

* Tue Nov  1 2005 Jason Vas Dias <jvdias at redhat.com> - 3:5.8.5-17
- fix bug 170088: broken h2ph fixed with h2ph from 5.8.7
- fix bug 171111 / upstream bug 37535: IOCPARM_LEN should be _IOC_SIZE
- fix bug 172236: make h2ph pick up gcc built-in include directory

* Tue Aug  2 2005 Petr Rockai <prockai at redhat.com> - 3:5.8.5-16
- update filter-depends.sh to get rid of FCGI requires

* Wed Jul 27 2005 Petr Rockai <prockai at redhat.com> - 3:5.8.5-15
- remove incorrect Provides on FCGI and Mac::File, cf. BR148848


---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

2ebe04eeb426388b213977c552e6a004  SRPMS/perl-5.8.5-18.FC3.src.rpm
bb9e5f6a8e05992e4c74e532841cf686  x86_64/perl-5.8.5-18.FC3.x86_64.rpm
2d70d5e1b85d8d6f0a11cd2ef4a6b3cd  x86_64/perl-suidperl-5.8.5-18.FC3.x86_64.rpm
d4904e4d622040a34d905c7bfa4a0a03  x86_64/debug/perl-debuginfo-5.8.5-18.FC3.x86_64.rpm
946544c3a8d689c3521719a2205d1aea  i386/perl-5.8.5-18.FC3.i386.rpm
0dd03d80622fdbac49b53a0b76a6cf45  i386/perl-suidperl-5.8.5-18.FC3.i386.rpm
aa479beda71d9c015e283b769e4465a7  i386/debug/perl-debuginfo-5.8.5-18.FC3.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
---------------------------------------------------------------------

-- 
fedora-announce-list mailing list
fedora-announce-list at redhat.com
https://www.redhat.com/mailman/listinfo/fedora-announce-list


More information about the UCI-Linux mailing list