[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1ONBWD-0007iF-3f@titan.mandriva.com>
Date: Fri, 11 Jun 2010 23:12:00 +0200
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2010:115 ] perl
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2010:115
http://www.mandriva.com/security/
_______________________________________________________________________
Package : perl
Date : June 11, 2010
Affected: 2009.0, 2009.1, Corporate 4.0, Enterprise Server 5.0,
Multi Network Firewall 2.0
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities has been discovered and corrected in
Safe.pm which could lead to escalated privilegies (CVE-2010-1168,
CVE-2010-1447). The updated packages have been patched to correct
these issues.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1168
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1447
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2009.0:
00d3098831f3c94fd3e301a2e9b3d3d2 2009.0/i586/perl-5.10.0-25.2mdv2009.0.i586.rpm
5eb7a1bda35c58f0bf353cfa845ef65e 2009.0/i586/perl-base-5.10.0-25.2mdv2009.0.i586.rpm
e465d32e8e21049d63ebc6c44730b691 2009.0/i586/perl-devel-5.10.0-25.2mdv2009.0.i586.rpm
479cdd1789b4ddb41e9309ebf24ba418 2009.0/i586/perl-doc-5.10.0-25.2mdv2009.0.i586.rpm
7c0936a984a432ed2e1bfc44c0d09fc9 2009.0/i586/perl-suid-5.10.0-25.2mdv2009.0.i586.rpm
82a2602a2f8ae6cf3a675a6918e24d3e 2009.0/SRPMS/perl-5.10.0-25.2mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64:
d3f41fadc8bd3688a8b0189eb1968c77 2009.0/x86_64/perl-5.10.0-25.2mdv2009.0.x86_64.rpm
e5655094bbf5d1925db468ff707b8e18 2009.0/x86_64/perl-base-5.10.0-25.2mdv2009.0.x86_64.rpm
3c7aa589dfc884a80e4e70b269140d44 2009.0/x86_64/perl-devel-5.10.0-25.2mdv2009.0.x86_64.rpm
96691039825e0d138ecfb4f4731736ea 2009.0/x86_64/perl-doc-5.10.0-25.2mdv2009.0.x86_64.rpm
6854569c6281b018af7afbb2f3bc04ad 2009.0/x86_64/perl-suid-5.10.0-25.2mdv2009.0.x86_64.rpm
82a2602a2f8ae6cf3a675a6918e24d3e 2009.0/SRPMS/perl-5.10.0-25.2mdv2009.0.src.rpm
Mandriva Linux 2009.1:
32ac91fdee352364f14770ec855e0375 2009.1/i586/perl-5.10.0-25.1mdv2009.1.i586.rpm
a6d92fad394404c4f6e4ecdedf0ef3d0 2009.1/i586/perl-base-5.10.0-25.1mdv2009.1.i586.rpm
6ec44b6cd15d787afa051aa2f7a079a0 2009.1/i586/perl-devel-5.10.0-25.1mdv2009.1.i586.rpm
56cc85abe12ffc13e91c7d606c3f5a2f 2009.1/i586/perl-doc-5.10.0-25.1mdv2009.1.i586.rpm
6e5389395602f29f3678c9e8a5f1aa15 2009.1/i586/perl-suid-5.10.0-25.1mdv2009.1.i586.rpm
d67bc28faa49cd0656ac8256c7cff801 2009.1/SRPMS/perl-5.10.0-25.1mdv2009.1.src.rpm
Mandriva Linux 2009.1/X86_64:
5e955d0a68966fa5e8a408381e7046dd 2009.1/x86_64/perl-5.10.0-25.1mdv2009.1.x86_64.rpm
9de85776e7e93665721dce1731474229 2009.1/x86_64/perl-base-5.10.0-25.1mdv2009.1.x86_64.rpm
2dcc1876750306565ca77cfa69e83e2b 2009.1/x86_64/perl-devel-5.10.0-25.1mdv2009.1.x86_64.rpm
2a24a59f7557ecd5f9f231677b50fa00 2009.1/x86_64/perl-doc-5.10.0-25.1mdv2009.1.x86_64.rpm
bb2d6a661623d31317822aeb7308b9dd 2009.1/x86_64/perl-suid-5.10.0-25.1mdv2009.1.x86_64.rpm
d67bc28faa49cd0656ac8256c7cff801 2009.1/SRPMS/perl-5.10.0-25.1mdv2009.1.src.rpm
Corporate 4.0:
b326fe2db35f1dd9ac9169f9af6b5fc1 corporate/4.0/i586/perl-5.8.7-3.6.20060mlcs4.i586.rpm
3283f2531e5d33008b61575d7c90cedd corporate/4.0/i586/perl-base-5.8.7-3.6.20060mlcs4.i586.rpm
2dea5e372272c9990fb79d5e0b3d4c16 corporate/4.0/i586/perl-devel-5.8.7-3.6.20060mlcs4.i586.rpm
245ea4f820b232d147045b1e02e1bbb5 corporate/4.0/i586/perl-doc-5.8.7-3.6.20060mlcs4.i586.rpm
3e2bad0ffc7ed43c865c6ae1b76f05ef corporate/4.0/i586/perl-suid-5.8.7-3.6.20060mlcs4.i586.rpm
65dfaa9de6379b4d1f7a7b996b6af8be corporate/4.0/SRPMS/perl-5.8.7-3.6.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
2bb0dc22bd0bae5dd123d95f7f304934 corporate/4.0/x86_64/perl-5.8.7-3.6.20060mlcs4.x86_64.rpm
54dd2c26efb5f0b83f8f82cc6da12e46 corporate/4.0/x86_64/perl-base-5.8.7-3.6.20060mlcs4.x86_64.rpm
15f9345bd763e98aff10ffc36811f699 corporate/4.0/x86_64/perl-devel-5.8.7-3.6.20060mlcs4.x86_64.rpm
297218e6bf27da8dd414078b36218757 corporate/4.0/x86_64/perl-doc-5.8.7-3.6.20060mlcs4.x86_64.rpm
526f48beb05b4175e867bc1ec852fa77 corporate/4.0/x86_64/perl-suid-5.8.7-3.6.20060mlcs4.x86_64.rpm
65dfaa9de6379b4d1f7a7b996b6af8be corporate/4.0/SRPMS/perl-5.8.7-3.6.20060mlcs4.src.rpm
Mandriva Enterprise Server 5:
95bfe8ce07733fe7ec7890bacf1770f5 mes5/i586/perl-5.10.0-25.2mdvmes5.1.i586.rpm
04d8c9d3262848cae5211d136c83b995 mes5/i586/perl-base-5.10.0-25.2mdvmes5.1.i586.rpm
8186d5d14d1aec46e27b12540c98673a mes5/i586/perl-devel-5.10.0-25.2mdvmes5.1.i586.rpm
0f13e7c3e3ed27b539e1f1cb8a881be2 mes5/i586/perl-doc-5.10.0-25.2mdvmes5.1.i586.rpm
4e9f1aae20148662c3dee770a792f55c mes5/i586/perl-suid-5.10.0-25.2mdvmes5.1.i586.rpm
d9e5230e96aa99ef5c5a5c52e3061c4a mes5/SRPMS/perl-5.10.0-25.2mdvmes5.1.src.rpm
Mandriva Enterprise Server 5/X86_64:
869dfeea157fc17cedf1e9e66ddb3bb9 mes5/x86_64/perl-5.10.0-25.2mdvmes5.1.x86_64.rpm
b20b2f46b7a74f8e98e19c8b917e6292 mes5/x86_64/perl-base-5.10.0-25.2mdvmes5.1.x86_64.rpm
116dc346f811a5cd6bfaec340b79aac1 mes5/x86_64/perl-devel-5.10.0-25.2mdvmes5.1.x86_64.rpm
75d5d76d48f16ea5af6e5a903e553d43 mes5/x86_64/perl-doc-5.10.0-25.2mdvmes5.1.x86_64.rpm
c0067e1c7f55bfffc7f7527a4268b6c8 mes5/x86_64/perl-suid-5.10.0-25.2mdvmes5.1.x86_64.rpm
d9e5230e96aa99ef5c5a5c52e3061c4a mes5/SRPMS/perl-5.10.0-25.2mdvmes5.1.src.rpm
Multi Network Firewall 2.0:
116523d57e391e8200aa088228b97c6a mnf/2.0/i586/perl-5.8.3-5.9.M20mdk.i586.rpm
c618fe9ae03b5631f77b601e1cc3261c mnf/2.0/i586/perl-base-5.8.3-5.9.M20mdk.i586.rpm
3ecda619d7cc1afe47b1bbfafa0b9672 mnf/2.0/i586/perl-devel-5.8.3-5.9.M20mdk.i586.rpm
04bfa6b5384b173164912fc4adad9459 mnf/2.0/i586/perl-doc-5.8.3-5.9.M20mdk.i586.rpm
72247c85df7d57f488f9792eb88d2b3d mnf/2.0/SRPMS/perl-5.8.3-5.9.M20mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFMEnfBmqjQ0CJFipgRAjqEAJsErSC9PCwvbWa5h7royEJCuAjytgCgm3a2
NFcHdnhcspKfkVASVXYME3A=
=3PM8
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists