[Frugalware-git] homepage-ng: FSA322-perl

voroskoi voroskoi at frugalware.org
Tue Nov 27 20:46:42 CET 2007


Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=homepage-ng.git;a=commitdiff;h=47fcfefc050efd525e8115f377928a81d7a7407d

commit 47fcfefc050efd525e8115f377928a81d7a7407d
Author: voroskoi <voroskoi at frugalware.org>
Date:   Tue Nov 27 20:46:30 2007 +0100

FSA322-perl

diff --git a/frugalware/xml/security.xml b/frugalware/xml/security.xml
index 9deaaca..85a4c17 100644
--- a/frugalware/xml/security.xml
+++ b/frugalware/xml/security.xml
@@ -27,6 +27,18 @@

<fsas>
<fsa>
+		<id>322</id>
+		<date>2007-11-27</date>
+		<author>voroskoi</author>
+		<package>perl</package>
+		<vulnerable>5.8.8-4</vulnerable>
+		<unaffected>5.8.8-5sayshell1</unaffected>
+		<bts>http://bugs.frugalware.org/task/2568</bts>
+		<cve>http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5116</cve>
+		<desc>Tavis Ormandy and Will Drewry have reported a vulnerability in Perl, which potentially can be exploited by malicious people to compromise a vulnerable system.
+			The vulnerability is caused due to a boundary error within the processing of regular expressions containing Unicode data. This can be exploited to cause a buffer overflow via a specially crafted regular expression causing a runtime switch to the Unicode character scheme.</desc>
+	</fsa>
+	<fsa>
<id>321</id>
<date>2007-11-27</date>
<author>voroskoi</author>


More information about the Frugalware-git mailing list