<<< Date Index >>>     <<< Thread Index >>>

MDKSA-2005:225 - Updated perl package fixes format string vulnerability



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2005:225
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : perl
 Date    : December 8, 2005
 Affected: 10.1, 10.2, 2006.0, Corporate 2.1, Corporate 3.0,
           Multi Network Firewall 2.0
 _______________________________________________________________________
 
 Problem Description:
 
 Jack Louis discovered a new way to exploit format string errors in the
 Perl programming language that could lead to the execution of
 arbitrary code.
 
 The updated packages are patched to close the particular exploit
 vector in Perl itself, to mitigate the risk of format string
 programming errors, however it does not fix problems that may exist
 in particular pieces of software written in Perl.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3962
 http://www.dyadsecurity.com/perl-0002.html
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 10.1:
 fd77af9b7802f41c22d4902b456fdb32  10.1/RPMS/perl-5.8.5-3.5.101mdk.i586.rpm
 49c6b964236039da921a3a0a08105316  10.1/RPMS/perl-base-5.8.5-3.5.101mdk.i586.rpm
 01ad564838030c9992ea70b8fa2261c5  
10.1/RPMS/perl-devel-5.8.5-3.5.101mdk.i586.rpm
 3ff0b066b2b67c9d6f0d6d5d757ed67e  10.1/RPMS/perl-doc-5.8.5-3.5.101mdk.i586.rpm
 1e6de184d2c018701d5bc93c60610789  10.1/SRPMS/perl-5.8.5-3.5.101mdk.src.rpm

 Mandriva Linux 10.1/X86_64:
 4fef93b585d891e863588f99c0ddd18d  
x86_64/10.1/RPMS/perl-5.8.5-3.5.101mdk.x86_64.rpm
 9b31454c7a74aa9cab7219ca627100e0  
x86_64/10.1/RPMS/perl-base-5.8.5-3.5.101mdk.x86_64.rpm
 1b7708eb96804787524bf34bded09edf  
x86_64/10.1/RPMS/perl-devel-5.8.5-3.5.101mdk.x86_64.rpm
 cd197160854346c39854f060a9a18d5c  
x86_64/10.1/RPMS/perl-doc-5.8.5-3.5.101mdk.x86_64.rpm
 1e6de184d2c018701d5bc93c60610789  
x86_64/10.1/SRPMS/perl-5.8.5-3.5.101mdk.src.rpm

 Mandriva Linux 10.2:
 32b1b7a39b8e0781df41e57188fe5c97  10.2/RPMS/perl-5.8.6-6.2.102mdk.i586.rpm
 05ae3f918377371783c491027b081e92  10.2/RPMS/perl-base-5.8.6-6.2.102mdk.i586.rpm
 2c5b07488636b42b1b15f40b220fd1fd  
10.2/RPMS/perl-devel-5.8.6-6.2.102mdk.i586.rpm
 c116213d8e3e30407ba994b281d03f52  10.2/RPMS/perl-doc-5.8.6-6.2.102mdk.i586.rpm
 54c3f67fd42027442a0f589f2ad9dcec  10.2/SRPMS/perl-5.8.6-6.2.102mdk.src.rpm

 Mandriva Linux 10.2/X86_64:
 e0890eb10b116c824c3f9a173097c60e  
x86_64/10.2/RPMS/perl-5.8.6-6.2.102mdk.x86_64.rpm
 75aa18ee9d21d40a639baaee28b238f4  
x86_64/10.2/RPMS/perl-base-5.8.6-6.2.102mdk.x86_64.rpm
 1dc42978eb832156c82042ece5c616d9  
x86_64/10.2/RPMS/perl-devel-5.8.6-6.2.102mdk.x86_64.rpm
 c4b0b1c2f41d8ab442202136572ec553  
x86_64/10.2/RPMS/perl-doc-5.8.6-6.2.102mdk.x86_64.rpm
 54c3f67fd42027442a0f589f2ad9dcec  
x86_64/10.2/SRPMS/perl-5.8.6-6.2.102mdk.src.rpm

 Mandriva Linux 2006.0:
 6333d4baa23e9bc27340ab30d6f6f9fd  2006.0/RPMS/perl-5.8.7-3.2.20060mdk.i586.rpm
 d91a62f81461a51dfffa6dd8e15b6ab4  
2006.0/RPMS/perl-base-5.8.7-3.2.20060mdk.i586.rpm
 7d8ec79ab483544765c236c3b7e1ba0f  
2006.0/RPMS/perl-devel-5.8.7-3.2.20060mdk.i586.rpm
 af9b52f68ce3eaf066a21694924a3f22  
2006.0/RPMS/perl-doc-5.8.7-3.2.20060mdk.i586.rpm
 ff8a844680f7df737431fb9c82c5f50d  
2006.0/RPMS/perl-suid-5.8.7-3.2.20060mdk.i586.rpm
 acde621a5890ff325a1ad8ffe83dc1ca  2006.0/SRPMS/perl-5.8.7-3.2.20060mdk.src.rpm

 Mandriva Linux 2006.0/X86_64:
 c1fc32b114cd8b2b0af431208da6beaf  
x86_64/2006.0/RPMS/perl-5.8.7-3.2.20060mdk.x86_64.rpm
 ebf3e1e5460c9362e3a0fc77dcbddad5  
x86_64/2006.0/RPMS/perl-base-5.8.7-3.2.20060mdk.x86_64.rpm
 ced9d56a6b9ae7196397f9d7b8e1e41f  
x86_64/2006.0/RPMS/perl-devel-5.8.7-3.2.20060mdk.x86_64.rpm
 896727d0819ed6161229f4c8722a67fc  
x86_64/2006.0/RPMS/perl-doc-5.8.7-3.2.20060mdk.x86_64.rpm
 241e526b1892577f35663073adcc4a97  
x86_64/2006.0/RPMS/perl-suid-5.8.7-3.2.20060mdk.x86_64.rpm
 acde621a5890ff325a1ad8ffe83dc1ca  
x86_64/2006.0/SRPMS/perl-5.8.7-3.2.20060mdk.src.rpm

 Corporate Server 2.1:
 d20049231eead3d45b0b9281e1decb4c  
corporate/2.1/RPMS/perl-5.8.0-14.6.C21mdk.i586.rpm
 5da0de8e1beeba847d3576a7a06a496e  
corporate/2.1/RPMS/perl-base-5.8.0-14.6.C21mdk.i586.rpm
 09a1f64c8b71c473bc0779720defa812  
corporate/2.1/RPMS/perl-devel-5.8.0-14.6.C21mdk.i586.rpm
 512a995b03bc5e0c1d2dd22c7b326510  
corporate/2.1/RPMS/perl-doc-5.8.0-14.6.C21mdk.i586.rpm
 1b6f22e9b27bf9dc6e029b129c64f17d  
corporate/2.1/SRPMS/perl-5.8.0-14.6.C21mdk.src.rpm

 Corporate Server 2.1/X86_64:
 5d2d2f4908b9c6e8f51d6bb8d961eebe  
x86_64/corporate/2.1/RPMS/perl-5.8.0-14.6.C21mdk.x86_64.rpm
 5b72479d3df3ae87fa4edf2a105e748d  
x86_64/corporate/2.1/RPMS/perl-base-5.8.0-14.6.C21mdk.x86_64.rpm
 3559e60ed31815f3902b75df42afc3d7  
x86_64/corporate/2.1/RPMS/perl-devel-5.8.0-14.6.C21mdk.x86_64.rpm
 00a8c82a911814a113ae2eaf6915d47b  
x86_64/corporate/2.1/RPMS/perl-doc-5.8.0-14.6.C21mdk.x86_64.rpm
 1b6f22e9b27bf9dc6e029b129c64f17d  
x86_64/corporate/2.1/SRPMS/perl-5.8.0-14.6.C21mdk.src.rpm

 Corporate 3.0:
 7b1917b673681d9de4e4737af0b121c8  
corporate/3.0/RPMS/perl-5.8.3-5.5.C30mdk.i586.rpm
 2ddb28f87a9ab94bfda90fc476da3805  
corporate/3.0/RPMS/perl-base-5.8.3-5.5.C30mdk.i586.rpm
 c939615d266f5fa4ed1755ce31915dde  
corporate/3.0/RPMS/perl-devel-5.8.3-5.5.C30mdk.i586.rpm
 ca449fac6c286d5bbd0c3bd137316e98  
corporate/3.0/RPMS/perl-doc-5.8.3-5.5.C30mdk.i586.rpm
 d3a7de2cfc352459b85cdc261b57d1e6  
corporate/3.0/SRPMS/perl-5.8.3-5.5.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 4578c3ad7a7c4fd87086ac571478ae1b  
x86_64/corporate/3.0/RPMS/perl-5.8.3-5.5.C30mdk.x86_64.rpm
 bbe873bc27e07d05c7d4846edd34acec  
x86_64/corporate/3.0/RPMS/perl-base-5.8.3-5.5.C30mdk.x86_64.rpm
 833889de8df484c212c69a1e658f5ffe  
x86_64/corporate/3.0/RPMS/perl-devel-5.8.3-5.5.C30mdk.x86_64.rpm
 c9dbf8d3ca9715e33bbc664efc2dca24  
x86_64/corporate/3.0/RPMS/perl-doc-5.8.3-5.5.C30mdk.x86_64.rpm
 d3a7de2cfc352459b85cdc261b57d1e6  
x86_64/corporate/3.0/SRPMS/perl-5.8.3-5.5.C30mdk.src.rpm

 Multi Network Firewall 2.0:
 0f29d338645e61084cf87953c331c87e  mnf/2.0/RPMS/perl-5.8.3-5.5.M20mdk.i586.rpm
 fee6e3863a13cd043b29ae0fcd053221  
mnf/2.0/RPMS/perl-base-5.8.3-5.5.M20mdk.i586.rpm
 be47c56a9ae307c338031dcb5194e491  
mnf/2.0/RPMS/perl-devel-5.8.3-5.5.M20mdk.i586.rpm
 d0c6075c99103eb8b3bea0a38d1c9cdf  
mnf/2.0/RPMS/perl-doc-5.8.3-5.5.M20mdk.i586.rpm
 8ce4eff23c4dd50c5bbaef75b69c5482  mnf/2.0/SRPMS/perl-5.8.3-5.5.M20mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFDmHCHmqjQ0CJFipgRAqcOAJ9RYgrQInmj/Zb6GQJ3P/InER45AACdH0Hb
8JyIR1xCBe8esCPSpk2xsl4=
=b5Xy
-----END PGP SIGNATURE-----