-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2011-15484 2011-11-05 23:37:54 --------------------------------------------------------------------------------
Name : perl Product : Fedora 15 Version : 5.12.4 Release : 163.fc15 URL : http://www.perl.org/ Summary : Practical Extraction and Report Language Description : Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common applications are system administration utilities and web programming. A large proportion of the CGI scripts on the web are written in Perl. You need the perl package installed on your system so that your system can handle Perl scripts. Install this package if you want to program in Perl or enable your system to handle Perl scripts. -------------------------------------------------------------------------------- Update Information: Allow installation with read-only /usr/local, fixes segfault with certain glob flag and with string repeated above 2^31. -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 4 2011 Petr Pisar <[email protected]> - 4:5.12.4-163 - Change Perl_repeatcpy() prototype to allow repeat count above 2^31 (bug #720610) - Do not own site directories located in /usr/local (bug #732799) - Fixes CVE-2011-2728 (File::Glob bsd_glob() crash with certain glob flags) (bug #742987) * Wed Oct 5 2011 Petr Pisar <[email protected]> - 4:5.12.4-162 - Fix CVE-2011-3597 (code injection in Digest) (bug #743010) - Fix CVE-2011-2939 (heap overflow while decoding Unicode string) (bug #731246) * Sun Aug 14 2011 Iain Arnell <[email protected]> 4:5.12.4-161 - perl needs to own vendorarch/auto directory (bug #709466) - fix version number in last two changelog entries * Fri Aug 5 2011 Petr Sabata <[email protected]> - 4:5.12.4-160 - Move xsubpp to ExtUtils::ParseXS (#728393) * Tue Jun 21 2011 Marcela Mašláňová <[email protected]> - 4:5.12.4-159 - update to minor update release 5.12.4 - Upstream changes: remove patch for lc tainting RT #87336, - updated Module-CoreList v2.50 in tarball * Wed Jun 1 2011 Marcela Mašláňová <[email protected]> - 4:5.12.3-158 - arm can't do parallel build - add require EE::MM into IPC::Cmd 711486 -------------------------------------------------------------------------------- References: [ 1 ] Bug #720610 - [PATCH] large string repeat count causes heap corruption https://bugzilla.redhat.com/show_bug.cgi?id=720610 [ 2 ] Bug #732799 - perl rpm attempts writing to /usr/local https://bugzilla.redhat.com/show_bug.cgi?id=732799 [ 3 ] Bug #742987 - CVE-2011-2728 perl: File::Glob bsd_glob() crash with certain glob flags https://bugzilla.redhat.com/show_bug.cgi?id=742987 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update perl' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
