openSUSE Security Update: perl: Fixed two Safe.pm security issues and some bugs ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0519-1 Rating: moderate References: #446098 #515948 #528423 #557636 #588338 #596167 #601242 #603840 #605918 #605928 Affected Products: openSUSE 11.1 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: perl Safe.pm module was affected by two problems where attackers could break out of such a safed execution. (CVE-2010-1447 , CVE-2010-1168) This update fixes this problem. Also the following bugs were fixed: - fix tell cornercase [bnc#596167] - fix regex memory leak [bnc#557636] - also run h2ph on /usr/include/linux [bnc#603840] - backport h2ph include fix from 5.12.0 [bnc#601242] - fix segfault when using regexpes in threaded apps [bnc#588338] - backport upstream fixes for POSIX module to avoid clashes with Fcntl [bnc#446098], [bnc#515948] - backport upstream fix for ISA assertion failure [bnc#528423] - move unicode files from perl-doc to perl, otherwise some perl modules will not work Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.1: zypper in -t patch perl-2829 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.1 (i586 ppc src x86_64): perl-5.10.0-62.19.1 - openSUSE 11.1 (i586 ppc x86_64): perl-base-5.10.0-62.19.1 perl-doc-5.10.0-62.19.1 - openSUSE 11.1 (x86_64): perl-32bit-5.10.0-62.19.1 perl-base-32bit-5.10.0-62.19.1 - openSUSE 11.1 (ppc): perl-64bit-5.10.0-62.19.1 perl-base-64bit-5.10.0-62.19.1 References: https://bugzilla.novell.com/446098 https://bugzilla.novell.com/515948 https://bugzilla.novell.com/528423 https://bugzilla.novell.com/557636 https://bugzilla.novell.com/588338 https://bugzilla.novell.com/596167 https://bugzilla.novell.com/601242 https://bugzilla.novell.com/603840 https://bugzilla.novell.com/605918 https://bugzilla.novell.com/605928