-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2011-15479 2011-11-05 23:37:40 --------------------------------------------------------------------------------
Name : perl Product : Fedora 14 Version : 5.12.4 Release : 148.fc14 URL : http://www.perl.org/ Summary : Practical Extraction and Report Language Description : Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common applications are system administration utilities and web programming. A large proportion of the CGI scripts on the web are written in Perl. You need the perl package installed on your system so that your system can handle Perl scripts. Install this package if you want to program in Perl or enable your system to handle Perl scripts. -------------------------------------------------------------------------------- Update Information: Fix segfault with certain glob flag and with string repeated above 2^31, move xsubpp to perl-ExtUtils-ParseXS. -------------------------------------------------------------------------------- ChangeLog: * Fri Nov 4 2011 Petr Pisar <[email protected]> - 4:5.12.4-148 - Change Perl_repeatcpy() prototype to allow repeat count above 2^31 (bug #720610) - Fixes CVE-2011-2728 (File::Glob bsd_glob() crash with certain glob flags) (bug #742987) - Move xsubpp to ExtUtils::ParseXS (#728393) * Wed Oct 5 2011 Petr Pisar <[email protected]> - 4:5.12.4-147 - Fix CVE-2011-3597 (code injection in Digest) (bug #743010) - Fix CVE-2011-2939 (heap overflow while decoding Unicode string) (bug #731246) * Fri Jun 24 2011 Marcela Mašláňová <[email protected]> - 4:5.12.4-146 - every Fedora has different paths -> remove dirs, which were added in previous commit * Wed Jun 22 2011 Marcela Mašláňová <[email protected]> - 4:5.12.4-145 - update to minor update release 5.12.4 - Upstream changes: remove patch for lc tainting RT #87336, - updated Module-CoreList v2.50 in tarball - add un-owned but existing perl_vendorarch * Wed Jun 1 2011 Marcela Mašláňová <[email protected]> - 4:5.12.3-144 - arm can't do parallel build - add require EE::MM into IPC::Cmd 711486 * Fri Apr 1 2011 Marcela Mašláňová <[email protected]> - 4:5.12.3-143 - 692900 - lc launders tainted flag, RT #87336 * Thu Mar 10 2011 Tom Callaway <[email protected]> - 4:5.12.3-142 - update ExtUtils::ParseXS to 2.2206 (current) to fix Wx build * Mon Jan 24 2011 Marcela Mašláňová <[email protected]> - 4:5.12.3-141 - stable update 5.12.3 - add COMPAT * Wed Dec 1 2010 Marcela Mašláňová <[email protected]> - 4:5.12.2-140 - create sub-package for CGI 3.49 - create sub-package for threads-shared * Tue Nov 9 2010 Petr Pisar <[email protected]> - 4:5.12.2-139 - Sub-package perl-Class-ISA (bug #651317) * Mon Nov 8 2010 Marcela Mašláňová <[email protected]> - 4:5.12.2-138 - 643447 fix redefinition of constant C in h2ph (visible in git send mail, XML::Twig test suite) * Mon Nov 8 2010 Petr Pisar <[email protected]> - 4:5.12.2-137 - Make perl(ExtUtils::ParseXS) version 4 digits long (bug #650882) -------------------------------------------------------------------------------- References: [ 1 ] Bug #720610 - [PATCH] large string repeat count causes heap corruption https://bugzilla.redhat.com/show_bug.cgi?id=720610 [ 2 ] Bug #742987 - CVE-2011-2728 perl: File::Glob bsd_glob() crash with certain glob flags https://bugzilla.redhat.com/show_bug.cgi?id=742987 [ 3 ] Bug #728393 - /usr/bin/xsubpp should be part of perl-ExtUtils-ParseXS rather than perl-devel https://bugzilla.redhat.com/show_bug.cgi?id=728393 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update perl' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
