Hello,
I have my 6.1 LFS system built as per the book, and am now
trying to implement the errata. At the LFS web site in the
errata section, I find the following regarding Perl-5.8.6
vulnerabilities:
We advise upgrading to Perl-5.8.7 to fix the first
three vulnerabilities. The fourth vulnerability is
considered low-risk and mainly affect the scripts
in the test suite. An unofficial patch exists for
those who may want to apply it.
However, there are five vulnerabilities listed:
CAN-2005-0448
CAN-2004-0452
CAN-2005-0155
CAN-2005-0156
CAN-2004-0976
>From the description, it sounds like what is referred to
as "The fourth vulnerability" should actually be the fifth
vulnerability. So my questions are, (a) is this correct?
and (b) does upgrading to Perl-5.8.7 fix the first four,
not just the first three vulnerabilities? I tried to
follow the links for the vulnerabilities, and read the
information at the associated websites, but I'm afraid
much of it is over my head...
Mike
--
http://linuxfromscratch.org/mailman/listinfo/lfs-support
FAQ: http://www.linuxfromscratch.org/lfs/faq.html
Unsubscribe: See the above information page
