 
| Subject: | |
| From: | |
| Reply To: | |
| Date: | Fri, 4 Nov 2011 09:07:58 -0500 |
| Content-Type: | text/plain |
| Parts/Attachments: |
|
|
Synopsis: Moderate: perl security update
Issue Date: 2011-11-03
CVE Numbers: CVE-2011-2939
CVE-2011-3597
Perl is a high-level programming language commonly used for system
administration utilities and web programming.
A heap-based buffer overflow flaw was found in the way Perl decoded Unicode
strings. An attacker could create a malicious Unicode string that, when
decoded by a Perl program, would cause the program to crash or,
potentially, execute arbitrary code with the permissions of the user
running the program. (CVE-2011-2939)
It was found that the "new" constructor of the Digest module used its
argument as part of the string expression passed to the eval() function. An
attacker could possibly use this flaw to execute arbitrary Perl code with
the privileges of a Perl program that uses untrusted input as an argument
to the constructor. (CVE-2011-3597)
All Perl users should upgrade to these updated packages, which contain
backported patches to correct these issues. All running Perl programs must
be restarted for this update to take effect.
SL6:
i386
perl-5.10.1-119.el6_1.1.i686.rpm
perl-Archive-Extract-0.38-119.el6_1.1.i686.rpm
perl-Archive-Tar-1.58-119.el6_1.1.i686.rpm
perl-CGI-3.51-119.el6_1.1.i686.rpm
perl-Compress-Raw-Zlib-2.023-119.el6_1.1.i686.rpm
perl-Compress-Zlib-2.020-119.el6_1.1.i686.rpm
perl-core-5.10.1-119.el6_1.1.i686.rpm
perl-CPAN-1.9402-119.el6_1.1.i686.rpm
perl-CPANPLUS-0.88-119.el6_1.1.i686.rpm
perl-debuginfo-5.10.1-119.el6_1.1.i686.rpm
perl-devel-5.10.1-119.el6_1.1.i686.rpm
perl-Digest-SHA-5.47-119.el6_1.1.i686.rpm
perl-ExtUtils-CBuilder-0.27-119.el6_1.1.i686.rpm
perl-ExtUtils-Embed-1.28-119.el6_1.1.i686.rpm
perl-ExtUtils-MakeMaker-6.55-119.el6_1.1.i686.rpm
perl-ExtUtils-ParseXS-2.2003.0-119.el6_1.1.i686.rpm
perl-File-Fetch-0.26-119.el6_1.1.i686.rpm
perl-IO-Compress-Base-2.020-119.el6_1.1.i686.rpm
perl-IO-Compress-Zlib-2.020-119.el6_1.1.i686.rpm
perl-IO-Zlib-1.09-119.el6_1.1.i686.rpm
perl-IPC-Cmd-0.56-119.el6_1.1.i686.rpm
perl-libs-5.10.1-119.el6_1.1.i686.rpm
perl-Locale-Maketext-Simple-0.18-119.el6_1.1.i686.rpm
perl-Log-Message-0.02-119.el6_1.1.i686.rpm
perl-Log-Message-Simple-0.04-119.el6_1.1.i686.rpm
perl-Module-Build-0.3500-119.el6_1.1.i686.rpm
perl-Module-CoreList-2.18-119.el6_1.1.i686.rpm
perl-Module-Load-0.16-119.el6_1.1.i686.rpm
perl-Module-Load-Conditional-0.30-119.el6_1.1.i686.rpm
perl-Module-Loaded-0.02-119.el6_1.1.i686.rpm
perl-Module-Pluggable-3.90-119.el6_1.1.i686.rpm
perl-Object-Accessor-0.34-119.el6_1.1.i686.rpm
perl-Package-Constants-0.02-119.el6_1.1.i686.rpm
perl-Params-Check-0.26-119.el6_1.1.i686.rpm
perl-parent-0.221-119.el6_1.1.i686.rpm
perl-Parse-CPAN-Meta-1.40-119.el6_1.1.i686.rpm
perl-Pod-Escapes-1.04-119.el6_1.1.i686.rpm
perl-Pod-Simple-3.13-119.el6_1.1.i686.rpm
perl-suidperl-5.10.1-119.el6_1.1.i686.rpm
perl-Term-UI-0.20-119.el6_1.1.i686.rpm
perl-Test-Harness-3.17-119.el6_1.1.i686.rpm
perl-Test-Simple-0.92-119.el6_1.1.i686.rpm
perl-Time-HiRes-1.9721-119.el6_1.1.i686.rpm
perl-Time-Piece-1.15-119.el6_1.1.i686.rpm
perl-version-0.77-119.el6_1.1.i686.rpm
x86_64
perl-5.10.1-119.el6_1.1.x86_64.rpm
perl-Archive-Extract-0.38-119.el6_1.1.x86_64.rpm
perl-Archive-Tar-1.58-119.el6_1.1.x86_64.rpm
perl-CGI-3.51-119.el6_1.1.x86_64.rpm
perl-Compress-Raw-Zlib-2.023-119.el6_1.1.x86_64.rpm
perl-Compress-Zlib-2.020-119.el6_1.1.x86_64.rpm
perl-core-5.10.1-119.el6_1.1.x86_64.rpm
perl-CPAN-1.9402-119.el6_1.1.x86_64.rpm
perl-CPANPLUS-0.88-119.el6_1.1.x86_64.rpm
perl-debuginfo-5.10.1-119.el6_1.1.i686.rpm
perl-debuginfo-5.10.1-119.el6_1.1.x86_64.rpm
perl-devel-5.10.1-119.el6_1.1.i686.rpm
perl-devel-5.10.1-119.el6_1.1.x86_64.rpm
perl-Digest-SHA-5.47-119.el6_1.1.x86_64.rpm
perl-ExtUtils-CBuilder-0.27-119.el6_1.1.x86_64.rpm
perl-ExtUtils-Embed-1.28-119.el6_1.1.x86_64.rpm
perl-ExtUtils-MakeMaker-6.55-119.el6_1.1.x86_64.rpm
perl-ExtUtils-ParseXS-2.2003.0-119.el6_1.1.x86_64.rpm
perl-File-Fetch-0.26-119.el6_1.1.x86_64.rpm
perl-IO-Compress-Base-2.020-119.el6_1.1.x86_64.rpm
perl-IO-Compress-Zlib-2.020-119.el6_1.1.x86_64.rpm
perl-IO-Zlib-1.09-119.el6_1.1.x86_64.rpm
perl-IPC-Cmd-0.56-119.el6_1.1.x86_64.rpm
perl-libs-5.10.1-119.el6_1.1.i686.rpm
perl-libs-5.10.1-119.el6_1.1.x86_64.rpm
perl-Locale-Maketext-Simple-0.18-119.el6_1.1.x86_64.rpm
perl-Log-Message-0.02-119.el6_1.1.x86_64.rpm
perl-Log-Message-Simple-0.04-119.el6_1.1.x86_64.rpm
perl-Module-Build-0.3500-119.el6_1.1.x86_64.rpm
perl-Module-CoreList-2.18-119.el6_1.1.x86_64.rpm
perl-Module-Load-0.16-119.el6_1.1.x86_64.rpm
perl-Module-Load-Conditional-0.30-119.el6_1.1.x86_64.rpm
perl-Module-Loaded-0.02-119.el6_1.1.x86_64.rpm
perl-Module-Pluggable-3.90-119.el6_1.1.x86_64.rpm
perl-Object-Accessor-0.34-119.el6_1.1.x86_64.rpm
perl-Package-Constants-0.02-119.el6_1.1.x86_64.rpm
perl-Params-Check-0.26-119.el6_1.1.x86_64.rpm
perl-parent-0.221-119.el6_1.1.x86_64.rpm
perl-Parse-CPAN-Meta-1.40-119.el6_1.1.x86_64.rpm
perl-Pod-Escapes-1.04-119.el6_1.1.x86_64.rpm
perl-Pod-Simple-3.13-119.el6_1.1.x86_64.rpm
perl-suidperl-5.10.1-119.el6_1.1.x86_64.rpm
perl-Term-UI-0.20-119.el6_1.1.x86_64.rpm
perl-Test-Harness-3.17-119.el6_1.1.x86_64.rpm
perl-Test-Simple-0.92-119.el6_1.1.x86_64.rpm
perl-Time-HiRes-1.9721-119.el6_1.1.x86_64.rpm
perl-Time-Piece-1.15-119.el6_1.1.x86_64.rpm
perl-version-0.77-119.el6_1.1.x86_64.rpm
- Scientific Linux Development Team
|
|
|
