-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDKSA-2005:225 http://www.mandriva.com/security/ _______________________________________________________________________ Package : perl Date : December 8, 2005 Affected: 10.1, 10.2, 2006.0, Corporate 2.1, Corporate 3.0, Multi Network Firewall 2.0 _______________________________________________________________________ Problem Description: Jack Louis discovered a new way to exploit format string errors in the Perl programming language that could lead to the execution of arbitrary code. The updated packages are patched to close the particular exploit vector in Perl itself, to mitigate the risk of format string programming errors, however it does not fix problems that may exist in particular pieces of software written in Perl. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3962 http://www.dyadsecurity.com/perl-0002.html _______________________________________________________________________ Updated Packages: Mandriva Linux 10.1: fd77af9b7802f41c22d4902b456fdb32 10.1/RPMS/perl-5.8.5-3.5.101mdk.i586.rpm 49c6b964236039da921a3a0a08105316 10.1/RPMS/perl-base-5.8.5-3.5.101mdk.i586.rpm 01ad564838030c9992ea70b8fa2261c5 10.1/RPMS/perl-devel-5.8.5-3.5.101mdk.i586.rpm 3ff0b066b2b67c9d6f0d6d5d757ed67e 10.1/RPMS/perl-doc-5.8.5-3.5.101mdk.i586.rpm 1e6de184d2c018701d5bc93c60610789 10.1/SRPMS/perl-5.8.5-3.5.101mdk.src.rpm Mandriva Linux 10.1/X86_64: 4fef93b585d891e863588f99c0ddd18d x86_64/10.1/RPMS/perl-5.8.5-3.5.101mdk.x86_64.rpm 9b31454c7a74aa9cab7219ca627100e0 x86_64/10.1/RPMS/perl-base-5.8.5-3.5.101mdk.x86_64.rpm 1b7708eb96804787524bf34bded09edf x86_64/10.1/RPMS/perl-devel-5.8.5-3.5.101mdk.x86_64.rpm cd197160854346c39854f060a9a18d5c x86_64/10.1/RPMS/perl-doc-5.8.5-3.5.101mdk.x86_64.rpm 1e6de184d2c018701d5bc93c60610789 x86_64/10.1/SRPMS/perl-5.8.5-3.5.101mdk.src.rpm Mandriva Linux 10.2: 32b1b7a39b8e0781df41e57188fe5c97 10.2/RPMS/perl-5.8.6-6.2.102mdk.i586.rpm 05ae3f918377371783c491027b081e92 10.2/RPMS/perl-base-5.8.6-6.2.102mdk.i586.rpm 2c5b07488636b42b1b15f40b220fd1fd 10.2/RPMS/perl-devel-5.8.6-6.2.102mdk.i586.rpm c116213d8e3e30407ba994b281d03f52 10.2/RPMS/perl-doc-5.8.6-6.2.102mdk.i586.rpm 54c3f67fd42027442a0f589f2ad9dcec 10.2/SRPMS/perl-5.8.6-6.2.102mdk.src.rpm Mandriva Linux 10.2/X86_64: e0890eb10b116c824c3f9a173097c60e x86_64/10.2/RPMS/perl-5.8.6-6.2.102mdk.x86_64.rpm 75aa18ee9d21d40a639baaee28b238f4 x86_64/10.2/RPMS/perl-base-5.8.6-6.2.102mdk.x86_64.rpm 1dc42978eb832156c82042ece5c616d9 x86_64/10.2/RPMS/perl-devel-5.8.6-6.2.102mdk.x86_64.rpm c4b0b1c2f41d8ab442202136572ec553 x86_64/10.2/RPMS/perl-doc-5.8.6-6.2.102mdk.x86_64.rpm 54c3f67fd42027442a0f589f2ad9dcec x86_64/10.2/SRPMS/perl-5.8.6-6.2.102mdk.src.rpm Mandriva Linux 2006.0: 6333d4baa23e9bc27340ab30d6f6f9fd 2006.0/RPMS/perl-5.8.7-3.2.20060mdk.i586.rpm d91a62f81461a51dfffa6dd8e15b6ab4 2006.0/RPMS/perl-base-5.8.7-3.2.20060mdk.i586.rpm 7d8ec79ab483544765c236c3b7e1ba0f 2006.0/RPMS/perl-devel-5.8.7-3.2.20060mdk.i586.rpm af9b52f68ce3eaf066a21694924a3f22 2006.0/RPMS/perl-doc-5.8.7-3.2.20060mdk.i586.rpm ff8a844680f7df737431fb9c82c5f50d 2006.0/RPMS/perl-suid-5.8.7-3.2.20060mdk.i586.rpm acde621a5890ff325a1ad8ffe83dc1ca 2006.0/SRPMS/perl-5.8.7-3.2.20060mdk.src.rpm Mandriva Linux 2006.0/X86_64: c1fc32b114cd8b2b0af431208da6beaf x86_64/2006.0/RPMS/perl-5.8.7-3.2.20060mdk.x86_64.rpm ebf3e1e5460c9362e3a0fc77dcbddad5 x86_64/2006.0/RPMS/perl-base-5.8.7-3.2.20060mdk.x86_64.rpm ced9d56a6b9ae7196397f9d7b8e1e41f x86_64/2006.0/RPMS/perl-devel-5.8.7-3.2.20060mdk.x86_64.rpm 896727d0819ed6161229f4c8722a67fc x86_64/2006.0/RPMS/perl-doc-5.8.7-3.2.20060mdk.x86_64.rpm 241e526b1892577f35663073adcc4a97 x86_64/2006.0/RPMS/perl-suid-5.8.7-3.2.20060mdk.x86_64.rpm acde621a5890ff325a1ad8ffe83dc1ca x86_64/2006.0/SRPMS/perl-5.8.7-3.2.20060mdk.src.rpm Corporate Server 2.1: d20049231eead3d45b0b9281e1decb4c corporate/2.1/RPMS/perl-5.8.0-14.6.C21mdk.i586.rpm 5da0de8e1beeba847d3576a7a06a496e corporate/2.1/RPMS/perl-base-5.8.0-14.6.C21mdk.i586.rpm 09a1f64c8b71c473bc0779720defa812 corporate/2.1/RPMS/perl-devel-5.8.0-14.6.C21mdk.i586.rpm 512a995b03bc5e0c1d2dd22c7b326510 corporate/2.1/RPMS/perl-doc-5.8.0-14.6.C21mdk.i586.rpm 1b6f22e9b27bf9dc6e029b129c64f17d corporate/2.1/SRPMS/perl-5.8.0-14.6.C21mdk.src.rpm Corporate Server 2.1/X86_64: 5d2d2f4908b9c6e8f51d6bb8d961eebe x86_64/corporate/2.1/RPMS/perl-5.8.0-14.6.C21mdk.x86_64.rpm 5b72479d3df3ae87fa4edf2a105e748d x86_64/corporate/2.1/RPMS/perl-base-5.8.0-14.6.C21mdk.x86_64.rpm 3559e60ed31815f3902b75df42afc3d7 x86_64/corporate/2.1/RPMS/perl-devel-5.8.0-14.6.C21mdk.x86_64.rpm 00a8c82a911814a113ae2eaf6915d47b x86_64/corporate/2.1/RPMS/perl-doc-5.8.0-14.6.C21mdk.x86_64.rpm 1b6f22e9b27bf9dc6e029b129c64f17d x86_64/corporate/2.1/SRPMS/perl-5.8.0-14.6.C21mdk.src.rpm Corporate 3.0: 7b1917b673681d9de4e4737af0b121c8 corporate/3.0/RPMS/perl-5.8.3-5.5.C30mdk.i586.rpm 2ddb28f87a9ab94bfda90fc476da3805 corporate/3.0/RPMS/perl-base-5.8.3-5.5.C30mdk.i586.rpm c939615d266f5fa4ed1755ce31915dde corporate/3.0/RPMS/perl-devel-5.8.3-5.5.C30mdk.i586.rpm ca449fac6c286d5bbd0c3bd137316e98 corporate/3.0/RPMS/perl-doc-5.8.3-5.5.C30mdk.i586.rpm d3a7de2cfc352459b85cdc261b57d1e6 corporate/3.0/SRPMS/perl-5.8.3-5.5.C30mdk.src.rpm Corporate 3.0/X86_64: 4578c3ad7a7c4fd87086ac571478ae1b x86_64/corporate/3.0/RPMS/perl-5.8.3-5.5.C30mdk.x86_64.rpm bbe873bc27e07d05c7d4846edd34acec x86_64/corporate/3.0/RPMS/perl-base-5.8.3-5.5.C30mdk.x86_64.rpm 833889de8df484c212c69a1e658f5ffe x86_64/corporate/3.0/RPMS/perl-devel-5.8.3-5.5.C30mdk.x86_64.rpm c9dbf8d3ca9715e33bbc664efc2dca24 x86_64/corporate/3.0/RPMS/perl-doc-5.8.3-5.5.C30mdk.x86_64.rpm d3a7de2cfc352459b85cdc261b57d1e6 x86_64/corporate/3.0/SRPMS/perl-5.8.3-5.5.C30mdk.src.rpm Multi Network Firewall 2.0: 0f29d338645e61084cf87953c331c87e mnf/2.0/RPMS/perl-5.8.3-5.5.M20mdk.i586.rpm fee6e3863a13cd043b29ae0fcd053221 mnf/2.0/RPMS/perl-base-5.8.3-5.5.M20mdk.i586.rpm be47c56a9ae307c338031dcb5194e491 mnf/2.0/RPMS/perl-devel-5.8.3-5.5.M20mdk.i586.rpm d0c6075c99103eb8b3bea0a38d1c9cdf mnf/2.0/RPMS/perl-doc-5.8.3-5.5.M20mdk.i586.rpm 8ce4eff23c4dd50c5bbaef75b69c5482 mnf/2.0/SRPMS/perl-5.8.3-5.5.M20mdk.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFDmHCHmqjQ0CJFipgRAqcOAJ9RYgrQInmj/Zb6GQJ3P/InER45AACdH0Hb 8JyIR1xCBe8esCPSpk2xsl4= =b5Xy -----END PGP SIGNATURE-----
