Mailinglist Archive: opensuse-updates (72 mails)

< Previous Next >
openSUSE-SU-2010:0518-1 (moderate): perl: Fixed two Safe.pm security issues and some bugs
  • From: opensuse-security@xxxxxxxxxxxx
  • Date: Wed, 18 Aug 2010 20:08:11 +0200 (CEST)
  • Message-id: <20100818180811.129E9BE29@xxxxxxxxxxxxxx>
openSUSE Security Update: perl: Fixed two Safe.pm security issues and some
bugs
______________________________________________________________________________

Announcement ID: openSUSE-SU-2010:0518-1
Rating: moderate
References: #557636 #596167 #601242 #603840 #605918 #605928
#624628
Affected Products:
openSUSE 11.2
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

perl Safe.pm module was affected by two problems where
attackers could break out of such a safed execution.
(CVE-2010-1447 , CVE-2010-1168)

This update fixes this problem. Also following non-security
bugs were fixed:
- fix tell cornercase [bnc#596167]
- fix regex memory leak [bnc#557636]
- do not add vendorlib/auto to filelist [bnc#624628]
- also run h2ph on /usr/include/linux [bnc#603840]
- backport h2ph include fix from 5.12.0 [bnc#601242]


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 11.2:

zypper in -t patch perl-2830

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 11.2 (i586 src x86_64):

perl-5.10.0-72.7.1

- openSUSE 11.2 (i586 x86_64):

perl-base-5.10.0-72.7.1
perl-doc-5.10.0-72.7.1

- openSUSE 11.2 (x86_64):

perl-32bit-5.10.0-72.7.1
perl-base-32bit-5.10.0-72.7.1


References:

https://bugzilla.novell.com/557636
https://bugzilla.novell.com/596167
https://bugzilla.novell.com/601242
https://bugzilla.novell.com/603840
https://bugzilla.novell.com/605918
https://bugzilla.novell.com/605928
https://bugzilla.novell.com/624628


< Previous Next >
This Thread
  • No further messages