Hello and thanks for the bug report. We've previously triaged this issue
in the Ubuntu CVE Tracker:
https://people.canonical.com/~ubuntu-
security/cve/2016/CVE-2016-1238.html
Please watch that page for the latest information for this issue. Thanks
again!
** Changed in: perl (Ubuntu)
Importance: Undecided => Medium
** Changed in: perl (Ubuntu)
Status: New => Triaged
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to perl in Ubuntu.
https://bugs.launchpad.net/bugs/1705145
Title:
upgrade xenial-perl to get important security fixes
Status in perl package in Ubuntu:
Triaged
Bug description:
xenial packages perl at version 5.22.1, as described here --
https://packages.ubuntu.com/xenial/perl
Please could you upgrade the package to reflect 5.22.4, to include
critical bug fixes that have been fixed in the meantime? This is a
binary-compatible upgrade that does not require the recompilation of
perl modules contained in other ubuntu packages.
Debian has already prepared a 5.22.4 build so you should be able to
simply copy that over. The main security issue of concern is this one
-- https://security-tracker.debian.org/tracker/CVE-2016-1238 -- which
directly affects the package managers used by debian and ubuntu.
I am also in touch with the debian perl people, and the core perl
team, so I can answer additional questions or facilitate communication
with either group as needed.
thank you!
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/perl/+bug/1705145/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp