You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa perl

Sigurnosni nedostaci programskog paketa perl

——————————————————————————–
Fedora Update Notification
FEDORA-2017-2008fdd7e2
2017-10-13 15:00:03.097659
——————————————————————————–

Name : perl
Product : Fedora 25
Version : 5.24.3
Release : 389.fc25
URL : http://www.perl.org/
Summary : Practical Extraction and Report Language
Description :
Perl is a high-level programming language with roots in C, sed, awk and shell
scripting. Perl is good at handling processes and files, and is especially
good at handling text. Perl’s hallmarks are practicality and efficiency.
While it is used to do a lot of different things, Perl’s most common
applications are system administration utilities and web programming.

Install this package if you want to program in Perl or enable your system to
handle Perl scripts with /usr/bin/perl interpreter.

If your script requires some Perl modules, you can install them with
“perl(MODULE)” where “MODULE” is a name of required module. E.g. install
“perl(Test::More)” to make Test::More Perl module available.

If you need all the Perl modules that come with upstream Perl sources, so
called core modules, install perl-core package.

If you only need perl run-time as a shared library, i.e. Perl interpreter
embedded into another application, the only essential package is perl-libs.

Perl header files can be found in perl-devel package.

Perl utils like “splain” or “perlbug” can be found in perl-utils package.

——————————————————————————–
Update Information:

Update perl(:MODULE_COMPAT_*) —- Security fix for CVE-2017-12837
CVE-2017-12883 (see <http://search.cpan.org/dist/perl-5.24.3/pod/perldelta.pod>)
——————————————————————————–
References:

[ 1 ] Bug #1492091 – CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler
https://bugzilla.redhat.com/show_bug.cgi?id=1492091
[ 2 ] Bug #1492093 – CVE-2017-12883 perl: Buffer over-read in regular expression parser
https://bugzilla.redhat.com/show_bug.cgi?id=1492093
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade perl’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa recode

Otkriven je sigurnosni nedostatak u programskom paketu recode za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje izvođenje napada uskraćivanjem...

Close