[LFS-6.1] Multiple vulnerabilities in Perl-5.8.6

Matthew Burgess matthew at linuxfromscratch.org
Thu Aug 4 12:13:39 PDT 2005


Hi folks,

LFS-6.1 installs Perl-5.8.6 which is subject to several security 
vulnerabilities (CAN-2005-0448, CAN-2004-0452, CAN-2005-0155, 
CAN-2005-0156 and CAN-2004-0976).

We advise upgrading to Perl-5.8.7 to fix all of these issues, apart from 
  2004-0976.  This is deemed to be a low risk vulnerability, given that 
it largely affects just the scripts in Perl's test suite (the one 
exception being the instmodsh shell script).

Special thanks are due to Ken Moffat for analysing the vulnerabilities, 
patches and upstream tarballs in order for us to be able to provide you 
with this information!

Regards,

Matt.



More information about the lfs-security mailing list