Paketname
perl
Datum
2012-01-18
Advisory ID
MDVSA-2012:008
Betroffene Versionen
2011 i586 , 2011 x86_64 , 2010.1 i586 , 2010.1 x86_64

Problembeschreibung

Multiple vulnerabilities has been found and corrected in perl:

Off-by-one error in the decode_xs function in Unicode/Unicode.xs
in the Encode module before 2.44, as used in Perl before 5.15.6,
might allow context-dependent attackers to cause a denial of service
(memory corruption) via a crafted Unicode string, which triggers a
heap-based buffer overflow (CVE-2011-2939).

Eval injection in the Digest module before 1.17 for Perl allows
context-dependent attackers to execute arbitrary commands via the
new constructor (CVE-2011-3597).

The updated packages have been patched to correct these issues.

Aktualisierte Pakete

2011 i586

 11a242d72e1b80af300cb6029e3fe899  2011/i586/perl-5.12.3-8.1-mdv2011.0.i586.rpm
 0e9f9f73545305446de47e93749e2749  2011/i586/perl-base-5.12.3-8.1-mdv2011.0.i586.rpm
 3d2824c80363645e41af96300bf0af73  2011/i586/perl-devel-5.12.3-8.1-mdv2011.0.i586.rpm
 989bbaf7bf4caf1047dd0a04c6fb2ac4  2011/i586/perl-doc-5.12.3-8.1-mdv2011.0.noarch.rpm 
 ff748b5ac9db9e66a7104edcce994007  2011/SRPMS/perl-5.12.3-8.1.src.rpm

2011 x86_64

 43e4ddb93c3538fe81e76480dd79c012  2011/x86_64/perl-5.12.3-8.1-mdv2011.0.x86_64.rpm
 290de224b5706a026160ce520ead64dd  2011/x86_64/perl-base-5.12.3-8.1-mdv2011.0.x86_64.rpm
 cc131b0d903866d8fa2eeb72eb1c86f4  2011/x86_64/perl-devel-5.12.3-8.1-mdv2011.0.x86_64.rpm
 6f3c4e5c0a4dce779c596266e594aaa0  2011/x86_64/perl-doc-5.12.3-8.1-mdv2011.0.noarch.rpm 
 ff748b5ac9db9e66a7104edcce994007  2011/SRPMS/perl-5.12.3-8.1.src.rpm

2010.1 i586

 a660dcc681b704173977b78b4dc43c41  2010.1/i586/perl-5.10.1-10.2mdv2010.2.i586.rpm
 668b200bbf88c5f7347c48afb87eeeaa  2010.1/i586/perl-base-5.10.1-10.2mdv2010.2.i586.rpm
 8069e10bc5c68262c06d2a4e8b47bd3d  2010.1/i586/perl-devel-5.10.1-10.2mdv2010.2.i586.rpm
 c9181aa3608d8e66147916eb9d2aea73  2010.1/i586/perl-doc-5.10.1-10.2mdv2010.2.i586.rpm
 c4ae0e4afc100fae4847191914f24fe6  2010.1/i586/perl-suid-5.10.1-10.2mdv2010.2.i586.rpm 
 55afcd3b034232d067c3426093726e46  2010.1/SRPMS/perl-5.10.1-10.2mdv2010.2.src.rpm

2010.1 x86_64

 7a906f6da5c2944a711341493dfb0540  2010.1/x86_64/perl-5.10.1-10.2mdv2010.2.x86_64.rpm
 9224dee63ac4d5d3fce13e8d3940583f  2010.1/x86_64/perl-base-5.10.1-10.2mdv2010.2.x86_64.rpm
 32b5bf046fca55f4f8afaf993716244d  2010.1/x86_64/perl-devel-5.10.1-10.2mdv2010.2.x86_64.rpm
 a1ece8459a135c623dbdf8d96f81bdef  2010.1/x86_64/perl-doc-5.10.1-10.2mdv2010.2.x86_64.rpm
 2f7535cb9479f99ea5b370a86f1d89bf  2010.1/x86_64/perl-suid-5.10.1-10.2mdv2010.2.x86_64.rpm 
 55afcd3b034232d067c3426093726e46  2010.1/SRPMS/perl-5.10.1-10.2mdv2010.2.src.rpm

Referenzen