Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: CVE-2005-3962 Perl integer overflow issue https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174684 ------- Additional Comments From jvdias@xxxxxxxxxx 2005-12-08 14:12 EST ------- The upstream perl maintainers have combined the above patch #26244 with other sprintf improvements to deal with Sys::Syslog security vulnerabilities, which are also the subject of CVE-2005-3912 ( CVE-2005-3962 has now been raised on this specific integer overflow issue ). It is recommended to apply upstream patches 26235 to 26240 inclusive and 26244 to solve these issues - I've attached the patches sent by Nicholas Clark, the upstream perl maintainer, to this bug. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
