ELSA-2010-0458

ELSA-2010-0458 - perl security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2010-06-07

Description

[4:5.8.8-32.el5.1]
- third version of patch fix change of behaviour of rmtree for common user
- Resolves: rhbz#597203

[4:5.8.8-32.el5]
- rhbz#595416 change documentation of File::Path
- Related: rhbz#591167

[4:5.8.8-31.el5]
- remove previous fix
- Related: rhbz#591167

[4:5.8.8-30.el5]
- change config to file on Util.so
- Related: rhbz#594406

[4:5.8.8-29.el5]
- CVE-2008-5302 - use latest patch without Cwd module
- 507378 because of our paths we need to overload old Util.so in case customer installed
Scalar::Util from cpan. In this case we marked new Util.so as .rpmnew.
- Related: rhbz#591167
- Resolves: rhbz#594406

[4:5.8.8-28.el5]
- CVE-2008-5302 perl: File::Path rmtree race condition (CVE-2005-0448)
reintroduced after upstream rebase to 5.8.8-1
- CVE-2010-1168 perl Safe: Intended restriction bypass via object references
- CVE-2010-1447 Safe 2.26 and earlier: Intended restriction bypass via Perl
object references in code executed outside safe compartment
- Related: rhbz#591167

Related CVEs

CVE-2008-5302

CVE-2008-5303

CVE-2010-1168

CVE-2010-1447

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 5 (i386)	perl-5.8.8-32.el5_5.1.src.rpm	f08a2bfc767c97ea179df0ce82912d2d62d08b57d3665756b08739adff4fc245	ELBA-2014-1761	el5_u5_i386_patch
	perl-5.8.8-32.el5_5.1.i386.rpm	e66c7fae30df8eba5286eaac04755ca076cff941bbf14561a649a4922449701b	ELBA-2014-1761	el5_u5_i386_patch
	perl-suidperl-5.8.8-32.el5_5.1.i386.rpm	bf91c11e62b8060a1da790bcaf2257b7f075ec1f8dfec617507741723d811a05	ELBA-2014-1761	el5_u5_i386_patch
Oracle Linux 5 (ia64)	perl-5.8.8-32.el5_5.1.src.rpm	f08a2bfc767c97ea179df0ce82912d2d62d08b57d3665756b08739adff4fc245	ELBA-2014-1761	el5_u5_ia64_patch
	perl-5.8.8-32.el5_5.1.src.rpm	f08a2bfc767c97ea179df0ce82912d2d62d08b57d3665756b08739adff4fc245	ELBA-2014-1761	ol5_ia64_latest
	perl-5.8.8-32.el5_5.1.ia64.rpm	18a2ee77d1ea08222c71afe124b89d955f22cdf5aa0c4e335c7ae105b543ad7e	ELBA-2014-1761	el5_u5_ia64_patch
	perl-5.8.8-32.el5_5.1.ia64.rpm	18a2ee77d1ea08222c71afe124b89d955f22cdf5aa0c4e335c7ae105b543ad7e	ELBA-2014-1761	ol5_ia64_latest
	perl-suidperl-5.8.8-32.el5_5.1.ia64.rpm	39eac3659b2aa471c23bcd33482a65bf56da016c02686a0d4811e5b5fa64f491	ELBA-2014-1761	el5_u5_ia64_patch
	perl-suidperl-5.8.8-32.el5_5.1.ia64.rpm	39eac3659b2aa471c23bcd33482a65bf56da016c02686a0d4811e5b5fa64f491	ELBA-2014-1761	ol5_ia64_latest
Oracle Linux 5 (x86_64)	perl-5.8.8-32.el5_5.1.src.rpm	f08a2bfc767c97ea179df0ce82912d2d62d08b57d3665756b08739adff4fc245	ELBA-2014-1761	el5_u5_x86_64_patch
	perl-5.8.8-32.el5_5.1.x86_64.rpm	0daf5cef7001f2b7344ee09a6f8d0f739c308447b99df740abe941bcff27baa4	ELBA-2014-1761	el5_u5_x86_64_patch
	perl-suidperl-5.8.8-32.el5_5.1.x86_64.rpm	72cf71cfc73dc4ae595f427233f55292409026d88efe51a8225241b5cef5606f	ELBA-2014-1761	el5_u5_x86_64_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team