LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Kernel prepatch 3.9-rc6

LWN.net Weekly Edition for April 4, 2013

LWN.net Weekly Edition for March 28, 2013

A kernel change breaks GlusterFS

PyCon: Evangelizing Python

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

SUSE alert SUSE-SU-2013:0442-1 (Perl)



From:
    	      opensuse-security@opensuse.org 


To:
    	      opensuse-security-announce@opensuse.org 


Subject:
    	      [security-announce] SUSE-SU-2013:0442-1: important: Security update for Perl 


Date:
    	      Wed, 13 Mar 2013 00:05:41 +0100 (CET)


Message-ID:
    	      <20130312230541.3C69E32172@maintenance.suse.de>


Archive-link:
    	      Article, Thread
              


   SUSE Security Update: Security update for Perl
______________________________________________________________________________

Announcement ID:    SUSE-SU-2013:0442-1
Rating:             important
References:         #788388 #789994 #796014 #797060 #804415 
Cross-References:   CVE-2013-1667
Affected Products:
                    SUSE Linux Enterprise Server 10 SP4
                    SUSE Linux Enterprise Desktop 10 SP4
______________________________________________________________________________

   An update that solves one vulnerability and has four fixes
   is now available.

Description:


   This update of Perl 5 fixes the following security issues:

   * fix rehash DoS [bnc#804415] [CVE-2013-1667]
   * improve CGI crlf escaping [bnc#789994] [CVE-2012-5526]
   * fix glob denial of service [bnc#796014]
   [CVE-2011-2728]
   * sanitize input in Maketext.pm [bnc#797060]
   [CVE-2012-6329]
   * make getgrent work with long group entries
   [bnc#788388]

   Security Issue reference:

   * CVE-2013-1667
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1667
   >



Package List:

   - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):

      perl-5.8.8-14.21.3

   - SUSE Linux Enterprise Server 10 SP4 (s390x x86_64):

      perl-32bit-5.8.8-14.21.3

   - SUSE Linux Enterprise Server 10 SP4 (ia64):

      perl-x86-5.8.8-14.21.3

   - SUSE Linux Enterprise Server 10 SP4 (ppc):

      perl-64bit-5.8.8-14.21.3

   - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):

      perl-5.8.8-14.21.3

   - SUSE Linux Enterprise Desktop 10 SP4 (x86_64):

      perl-32bit-5.8.8-14.21.3


References:

   http://support.novell.com/security/cve/CVE-2013-1667.html
   https://bugzilla.novell.com/788388
   https://bugzilla.novell.com/789994
   https://bugzilla.novell.com/796014
   https://bugzilla.novell.com/797060
   https://bugzilla.novell.com/804415
   http://download.novell.com/patch/finder/?keywords=ed1929d...

-- 
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds