lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1ONBWD-0007iF-3f@titan.mandriva.com>
Date: Fri, 11 Jun 2010 23:12:00 +0200
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2010:115 ] perl


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2010:115
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : perl
 Date    : June 11, 2010
 Affected: 2009.0, 2009.1, Corporate 4.0, Enterprise Server 5.0,
           Multi Network Firewall 2.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities has been discovered and corrected in
 Safe.pm which could lead to escalated privilegies (CVE-2010-1168,
 CVE-2010-1447). The updated packages have been patched to correct
 these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1168
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1447
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2009.0:
 00d3098831f3c94fd3e301a2e9b3d3d2  2009.0/i586/perl-5.10.0-25.2mdv2009.0.i586.rpm
 5eb7a1bda35c58f0bf353cfa845ef65e  2009.0/i586/perl-base-5.10.0-25.2mdv2009.0.i586.rpm
 e465d32e8e21049d63ebc6c44730b691  2009.0/i586/perl-devel-5.10.0-25.2mdv2009.0.i586.rpm
 479cdd1789b4ddb41e9309ebf24ba418  2009.0/i586/perl-doc-5.10.0-25.2mdv2009.0.i586.rpm
 7c0936a984a432ed2e1bfc44c0d09fc9  2009.0/i586/perl-suid-5.10.0-25.2mdv2009.0.i586.rpm 
 82a2602a2f8ae6cf3a675a6918e24d3e  2009.0/SRPMS/perl-5.10.0-25.2mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 d3f41fadc8bd3688a8b0189eb1968c77  2009.0/x86_64/perl-5.10.0-25.2mdv2009.0.x86_64.rpm
 e5655094bbf5d1925db468ff707b8e18  2009.0/x86_64/perl-base-5.10.0-25.2mdv2009.0.x86_64.rpm
 3c7aa589dfc884a80e4e70b269140d44  2009.0/x86_64/perl-devel-5.10.0-25.2mdv2009.0.x86_64.rpm
 96691039825e0d138ecfb4f4731736ea  2009.0/x86_64/perl-doc-5.10.0-25.2mdv2009.0.x86_64.rpm
 6854569c6281b018af7afbb2f3bc04ad  2009.0/x86_64/perl-suid-5.10.0-25.2mdv2009.0.x86_64.rpm 
 82a2602a2f8ae6cf3a675a6918e24d3e  2009.0/SRPMS/perl-5.10.0-25.2mdv2009.0.src.rpm

 Mandriva Linux 2009.1:
 32ac91fdee352364f14770ec855e0375  2009.1/i586/perl-5.10.0-25.1mdv2009.1.i586.rpm
 a6d92fad394404c4f6e4ecdedf0ef3d0  2009.1/i586/perl-base-5.10.0-25.1mdv2009.1.i586.rpm
 6ec44b6cd15d787afa051aa2f7a079a0  2009.1/i586/perl-devel-5.10.0-25.1mdv2009.1.i586.rpm
 56cc85abe12ffc13e91c7d606c3f5a2f  2009.1/i586/perl-doc-5.10.0-25.1mdv2009.1.i586.rpm
 6e5389395602f29f3678c9e8a5f1aa15  2009.1/i586/perl-suid-5.10.0-25.1mdv2009.1.i586.rpm 
 d67bc28faa49cd0656ac8256c7cff801  2009.1/SRPMS/perl-5.10.0-25.1mdv2009.1.src.rpm

 Mandriva Linux 2009.1/X86_64:
 5e955d0a68966fa5e8a408381e7046dd  2009.1/x86_64/perl-5.10.0-25.1mdv2009.1.x86_64.rpm
 9de85776e7e93665721dce1731474229  2009.1/x86_64/perl-base-5.10.0-25.1mdv2009.1.x86_64.rpm
 2dcc1876750306565ca77cfa69e83e2b  2009.1/x86_64/perl-devel-5.10.0-25.1mdv2009.1.x86_64.rpm
 2a24a59f7557ecd5f9f231677b50fa00  2009.1/x86_64/perl-doc-5.10.0-25.1mdv2009.1.x86_64.rpm
 bb2d6a661623d31317822aeb7308b9dd  2009.1/x86_64/perl-suid-5.10.0-25.1mdv2009.1.x86_64.rpm 
 d67bc28faa49cd0656ac8256c7cff801  2009.1/SRPMS/perl-5.10.0-25.1mdv2009.1.src.rpm

 Corporate 4.0:
 b326fe2db35f1dd9ac9169f9af6b5fc1  corporate/4.0/i586/perl-5.8.7-3.6.20060mlcs4.i586.rpm
 3283f2531e5d33008b61575d7c90cedd  corporate/4.0/i586/perl-base-5.8.7-3.6.20060mlcs4.i586.rpm
 2dea5e372272c9990fb79d5e0b3d4c16  corporate/4.0/i586/perl-devel-5.8.7-3.6.20060mlcs4.i586.rpm
 245ea4f820b232d147045b1e02e1bbb5  corporate/4.0/i586/perl-doc-5.8.7-3.6.20060mlcs4.i586.rpm
 3e2bad0ffc7ed43c865c6ae1b76f05ef  corporate/4.0/i586/perl-suid-5.8.7-3.6.20060mlcs4.i586.rpm 
 65dfaa9de6379b4d1f7a7b996b6af8be  corporate/4.0/SRPMS/perl-5.8.7-3.6.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 2bb0dc22bd0bae5dd123d95f7f304934  corporate/4.0/x86_64/perl-5.8.7-3.6.20060mlcs4.x86_64.rpm
 54dd2c26efb5f0b83f8f82cc6da12e46  corporate/4.0/x86_64/perl-base-5.8.7-3.6.20060mlcs4.x86_64.rpm
 15f9345bd763e98aff10ffc36811f699  corporate/4.0/x86_64/perl-devel-5.8.7-3.6.20060mlcs4.x86_64.rpm
 297218e6bf27da8dd414078b36218757  corporate/4.0/x86_64/perl-doc-5.8.7-3.6.20060mlcs4.x86_64.rpm
 526f48beb05b4175e867bc1ec852fa77  corporate/4.0/x86_64/perl-suid-5.8.7-3.6.20060mlcs4.x86_64.rpm 
 65dfaa9de6379b4d1f7a7b996b6af8be  corporate/4.0/SRPMS/perl-5.8.7-3.6.20060mlcs4.src.rpm

 Mandriva Enterprise Server 5:
 95bfe8ce07733fe7ec7890bacf1770f5  mes5/i586/perl-5.10.0-25.2mdvmes5.1.i586.rpm
 04d8c9d3262848cae5211d136c83b995  mes5/i586/perl-base-5.10.0-25.2mdvmes5.1.i586.rpm
 8186d5d14d1aec46e27b12540c98673a  mes5/i586/perl-devel-5.10.0-25.2mdvmes5.1.i586.rpm
 0f13e7c3e3ed27b539e1f1cb8a881be2  mes5/i586/perl-doc-5.10.0-25.2mdvmes5.1.i586.rpm
 4e9f1aae20148662c3dee770a792f55c  mes5/i586/perl-suid-5.10.0-25.2mdvmes5.1.i586.rpm 
 d9e5230e96aa99ef5c5a5c52e3061c4a  mes5/SRPMS/perl-5.10.0-25.2mdvmes5.1.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 869dfeea157fc17cedf1e9e66ddb3bb9  mes5/x86_64/perl-5.10.0-25.2mdvmes5.1.x86_64.rpm
 b20b2f46b7a74f8e98e19c8b917e6292  mes5/x86_64/perl-base-5.10.0-25.2mdvmes5.1.x86_64.rpm
 116dc346f811a5cd6bfaec340b79aac1  mes5/x86_64/perl-devel-5.10.0-25.2mdvmes5.1.x86_64.rpm
 75d5d76d48f16ea5af6e5a903e553d43  mes5/x86_64/perl-doc-5.10.0-25.2mdvmes5.1.x86_64.rpm
 c0067e1c7f55bfffc7f7527a4268b6c8  mes5/x86_64/perl-suid-5.10.0-25.2mdvmes5.1.x86_64.rpm 
 d9e5230e96aa99ef5c5a5c52e3061c4a  mes5/SRPMS/perl-5.10.0-25.2mdvmes5.1.src.rpm

 Multi Network Firewall 2.0:
 116523d57e391e8200aa088228b97c6a  mnf/2.0/i586/perl-5.8.3-5.9.M20mdk.i586.rpm
 c618fe9ae03b5631f77b601e1cc3261c  mnf/2.0/i586/perl-base-5.8.3-5.9.M20mdk.i586.rpm
 3ecda619d7cc1afe47b1bbfafa0b9672  mnf/2.0/i586/perl-devel-5.8.3-5.9.M20mdk.i586.rpm
 04bfa6b5384b173164912fc4adad9459  mnf/2.0/i586/perl-doc-5.8.3-5.9.M20mdk.i586.rpm 
 72247c85df7d57f488f9792eb88d2b3d  mnf/2.0/SRPMS/perl-5.8.3-5.9.M20mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFMEnfBmqjQ0CJFipgRAjqEAJsErSC9PCwvbWa5h7royEJCuAjytgCgm3a2
NFcHdnhcspKfkVASVXYME3A=
=3PM8
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ