Mageia alert MGASA-2012-0352 (perl) [LWN.net]


From:
    	       Mageia Updates <buildsystem-daemon@mageia.org> 
To:
    	       updates-announce@ml.mageia.org 
Subject:
    	       [updates-announce] MGASA-2012-0352: perl-5.14.2-8.mga2 (2/core) 
Date:
    	       Fri, 7 Dec 2012 13:09:38 +0100
Message-ID:
    	       <20121207120938.GA15209@valstar.mageia.org>
Archive-link:
    	       Article, Thread
              
MGASA-2012-0352
Date: 	December 7th, 2012
Affected releases: 	2


Description:
Updated perl packages fix security vulnerability:

It was discovered that Perl's 'x' string repeat operator is vulnerable
to a heap-based buffer overflow. An attacker could use this to execute
arbitrary code (CVE-2012-5195).


Updated Packages:
perl-5.14.2-8.mga2
perl-base-5.14.2-8.mga2
perl-devel-5.14.2-8.mga2
perl-doc-5.14.2-8.mga2


References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5195
http://www.ubuntu.com/usn/usn-1643-1/
https://bugs.mageia.org/show_bug.cgi?id=8253
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-...
(Log in to post comments)