Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#3675 - Perl overflow and format string vulns
Attached to Project:
Arch Linux
Opened by Kevin Piche (kpiche) - Friday, 30 December 2005, 17:28 GMT
Last edited by Jan de Groot (JGC) - Friday, 30 December 2005, 19:32 GMT
Opened by Kevin Piche (kpiche) - Friday, 30 December 2005, 17:28 GMT
Last edited by Jan de Groot (JGC) - Friday, 30 December 2005, 19:32 GMT
|
DetailsOfficial patch from the perl foundation: "Perl patches fix sprintf buffer overflow" at http://www.perlfoundation.org/news/2005/sprintf_patch_released.html
I've modified the PKGBUILD to use this patch and to use the latest Sys::Syslog which was modified to help mitigate format string attacks. Also a good opportunity to fix 
perl587-pkgbuild.patch
(1.6 KiB)
|
This task depends upon
Closed by Judd Vinet (judd)
Friday, 30 December 2005, 20:41 GMT
Reason for closing: Fixed
Additional comments about closing: Fixed in 5.8.7-2
Friday, 30 December 2005, 20:41 GMT
Reason for closing: Fixed
Additional comments about closing: Fixed in 5.8.7-2