You are here
Home > Preporuke > Sigurnosni nedostatak programskog jezika perl

Sigurnosni nedostatak programskog jezika perl

by ncert - 0

==========================================================================
Ubuntu Security Notice USN-2099-1
February 05, 2014

perl vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 12.10
– Ubuntu 12.04 LTS
– Ubuntu 10.04 LTS

Summary:

Perl could be made to run programs if it processed a specially crafted
Locale::Maketext templates.

Software Description:
– perl: Practical Extraction and Report Language

Details:

It was discovered that Perl’s Locale::Maketext module incorrectly handled
backslashes and fully qualified method names. An attacker could possibly
use this flaw to execute arbitrary code when an application used untrusted
templates.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.10:
perl-modules 5.14.2-13ubuntu0.3

Ubuntu 12.04 LTS:
perl-modules 5.14.2-6ubuntu2.4

Ubuntu 10.04 LTS:
perl-modules 5.10.1-8ubuntu2.4

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2099-1
CVE-2012-6329

Package Information:
https://launchpad.net/ubuntu/+source/perl/5.14.2-13ubuntu0.3
https://launchpad.net/ubuntu/+source/perl/5.14.2-6ubuntu2.4
https://launchpad.net/ubuntu/+source/perl/5.10.1-8ubuntu2.4

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird – http://www.enigmail.net/

iQIcBAEBCgAGBQJS8oqJAAoJEGVp2FWnRL6Tk0oP/2ZDXIuizgzyJc/sH5v/Fbkv
D1aNxJ7kUuzsVJSjPGTsjL0Djk+lMjZdDgo4yVY675fYJGjBGmY2J+yROA8T8Gs0
GDa8xcdt1ilCGNNs8Q6/nnVd7dUGmJJOQL0/tjOxixyCLtyc23KJeN9pbJFaCyFp
RO/ogfglqRQ2D/hcJ6Zn22+dU6ZhqZhKXCbee5f9ZSmdh+xLas4JrFcfn2iHTRTy
wo47aCOi45zCw2+1F2rnJaigSv6b/vtrRamp2QA++9mkNgNywVeG8xMCJtYP9C7W
Ygc5PLsZ9Ma07rOrValzedLC71VfmwxZCqvbZ9KdZQ5Q23qGb5PH3SDvIEkgAxkT
TcHnkopfgXRFmI1MgatpIreUmobLidiyEA9iT0lCXvl8WM0KddBs/T36cmpoufIT
5sSc2TtnzmgY+DQjeMl8ZpjILZDSCS8In+dT2b2QM7RYAhB6KhSN5MPHF8gUux3Y
imbcdP+9YKiDIx8Yb16B2nJ80oWA6uET5ZTczkmHXm7SV+ygjLzC8G9HtA502Vra
yTue0/AM+BP7qQLujjOJmVP7OrTr0+Y/Ppd6SBZFT74B34frg2MiruAy8gDcvhoC
CBpiwmhXJhW0bBszG9y/1EKRsSgcgQz4LNmTUBWUK8d4mwGcGGCoHX7x3/DhPXpX
g2PQZTkOdKw1NTrOAIwY
=yCUY
—–END PGP SIGNATURE—–

ncert
Top
More in Preporuke
Višestruke ranjivosti programskog paketa pidgin

Izdane su zakrpe za otklanjanje višestrukih ranjivosti programskog paketa pidgin. Ranjivosti su posljedica višestrukih prekoračenja spremnika gomile pronađenih u načinu...

Close