perl-5.8.8-10.3.1AXS3

エラータID: AXSA:2008-74:01

Release date: 
Wednesday, August 13, 2008 - 15:56
Subject: 
perl-5.8.8-10.3.1AXS3
Affected Channels: 
Asianux Server 3 for ppc
Asianux Server 3 for ia64
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity: 
High
Description: 

Perl is a high-level programming language commonly used for system
administration utilities and Web programming.
A flaw was found in Perl's regular expression engine. A specially crafted
regular expression with Unicode characters could trigger a buffer overflow,
causing Perl to crash, or possibly execute arbitrary code with the
privileges of the user running Perl. (CVE-2008-1927)
Users of perl are advised to upgrade to these updated packages, which
contain a backported patch to resolve this issue.

Solution: 

Update packages

CVEs: 
CVE-2008-1927
Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain operating systems.


Additional Info: 

N/A

Download: 

Asianux Server 3 for x86
  1. perl-5.8.8-10.3.1AXS3.i386.rpm
    MD5: 199b6f753d59ca3d583a4527dc513eef
    SHA-256: 597d4c3b2d7d6f868674f36b3bbfc7c49de89ecb9417ec0015eb8f535929d377
    Size: 11.66 MB
  2. perl-suidperl-5.8.8-10.3.1AXS3.i386.rpm
    MD5: 35bdb75d2c0f0f575baf2c60642307cf
    SHA-256: 448224f2d35b5176feb214063e4614ab7ce014cdc8d678774b5dd27916e18027
    Size: 57.30 kB

Asianux Server 3 for x86_64
  1. perl-5.8.8-10.3.1AXS3.x86_64.rpm
    MD5: 15c9e83d7b0fd0c27f78151f0cd3f12d
    SHA-256: 413a57e026aee5dfa883804ddf5a94d61536dc3574554227ff660175cc808493
    Size: 12.30 MB
  2. perl-suidperl-5.8.8-10.3.1AXS3.x86_64.rpm
    MD5: a8130a5b756b4390bbf1e9907cd469ee
    SHA-256: 4d00b0b645a6352522ef25c8c4a9798a05e2bd11dc5ca002597953f26d8746c2
    Size: 58.33 kB