FS#3675 : Perl overflow and format string vulns

FS#3675 - Perl overflow and format string vulns

Attached to Project: Arch Linux
Opened by Kevin Piche (kpiche) - Friday, 30 December 2005, 17:28 GMT
Last edited by Jan de Groot (JGC) - Friday, 30 December 2005, 19:32 GMT

Task Type	Bug Report
Category	Packages: Current
Status	Closed
Assigned To	Judd Vinet (judd)
Architecture	not specified
Severity	Critical
Priority	Normal
Reported Version	0.7 Wombat
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

Official patch from the perl foundation: "Perl patches fix sprintf buffer overflow" at http://www.perlfoundation.org/news/2005/sprintf_patch_released.html

I've modified the PKGBUILD to use this patch and to use the latest Sys::Syslog which was modified to help mitigate format string attacks.

Also a good opportunity to fix ~~bug 3508~~ and switch to DB_File 1.814.

perl587-pkgbuild.patch (1.6 KiB)

This task depends upon

Closed by Judd Vinet (judd)
Friday, 30 December 2005, 20:41 GMT
Reason for closing: Fixed
Additional comments about closing: Fixed in 5.8.7-2

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#3675 - Perl overflow and format string vulns

Details

Loading...