Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

FLEA-2007-0069-1 perl
From: Foresight Linux Essential Announcement Service <foresight-security-noreply () foresightlinux org>
Date: Sun, 11 Nov 2007 20:19:51 -0900

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Foresight Linux Essential Advisory: 2007-0069-1
Published: 2007-11-11

Rating: Minor

Updated Versions:
    perl=/conary.rpath.com () rpl:devel//1/5.8.7-8.2-1
    group-dist=/foresight.rpath.org () fl:1-devel//1/1.4.1-0.2-3

References:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5116

Description:
    Previous versions of the perl package contain a buffer overflow in the
    regular expression parsing code which could allow an attacker to execute
    arbitrary code via a program which uses perl to parse untrusted input as a
    regular expression.

    Foresight Linux does not include any such program by default.

- ---

Copyright 2007 Foresight Linux Project
This file is distributed under the terms of the MIT License.
A copy is available at http://www.foresightlinux.org/permanent/mit-license.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.7 (GNU/Linux)

iQIVAwUBRzfiXtfwEn07iAtZAQJZvBAAkyoO3qAWS0vWHBFkQgiCl9vf2The5zoW
5B++Z19q8v1QriFmCoa5FfaLrHHajxt5FzjA4gnxM25YBYrM98XTwj567woz62EX
dPxYsNaiR3+nKpnygPwRpbhO4s//KLvPlfGWG3Z37fTUigGcNJEerpFLu0io+ESK
qR8gG28zQV0mwvccY/r83KA+vx0mhG7zl9ZrsKzHc/W+dXLrnqxsBNnPtPz0Xvth
W2g40wrUJ267f8ZhWigrwxCquJg6X4XBUU2ge0PFveI+AySbxsYhxO8mBF41ZWS4
0yW+9f8X+2cVjiwTv6evShkAm0opW45dETOgL9mKXd0A30tDVXmqlEv2I3dQnWZO
fQ1rx+AdTVZ7ZTkrXJ1FvZHMzQ+nMbQOGLg/cuF4uEgnkBDr1qCkPxzM7VtsG5WG
IkAIPGqyGrdDfXVdu1hWf3VJYcMl98Ybp34xeWGz5nvO8myvbCZdzWoCcaIHKVsM
elgqAEgQQpZ96yIfjLZ9dVivE5sMOTdJQvuhDMunrtOZP3/o+kDNRWIrTIZjYiRg
/14fwuOeQxIHqvC1gKCdQFAZ+JcyzCD9ET71oAfXsc6RKTz4xAUrcdLEXbd2Ge2i
/+QBMeeGb+tCI+RqREVYuMrtLMap4A3aNPiH9EjFMeGBM7oExU9nmgD1kreEE0Rf
i5g5bQ987vM=
=p0Vt
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
  • FLEA-2007-0069-1 perl Foresight Linux Essential Announcement Service (Nov 12)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]