Oval Definition:oval:com.redhat.rhsa:def:20070966
Revision Date:2008-03-20Version:638
Title:RHSA-2007:0966: perl security update (Important)
Description:Perl is a high-level programming language commonly used for system administration utilities and Web programming.

  • A flaw was found in Perl's regular expression engine. Specially crafted input to a regular expression can cause Perl to improperly allocate memory, possibly resulting in arbitrary code running with the permissions of the user running Perl. (CVE-2007-5116)

    Users of Perl are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue.

    Red Hat would like to thank Tavis Ormandy and Will Drewry for properly disclosing this issue.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2007-5116
    RHSA-2007:0966
    RHSA-2007:0966-02
    RHSA-2007:0966-02
    Platform(s):Red Hat Enterprise Linux 3
    Red Hat Enterprise Linux 4
    Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • perl-CPAN is earlier than 2:1.61-97.EL3
  • AND perl-CPAN is signed with Red Hat master key
  • perl is earlier than 2:5.8.0-97.EL3
  • AND perl is signed with Red Hat master key
  • perl-CGI is earlier than 2:2.89-97.EL3
  • AND perl-CGI is signed with Red Hat master key
  • perl-DB_File is earlier than 2:1.806-97.EL3
  • AND perl-DB_File is signed with Red Hat master key
  • perl-suidperl is earlier than 2:5.8.0-97.EL3
  • AND perl-suidperl is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • perl-suidperl is earlier than 3:5.8.5-36.el4_5.2
  • AND perl-suidperl is signed with Red Hat master key
  • perl is earlier than 3:5.8.5-36.el4_5.2
  • AND perl is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • perl-suidperl is earlier than 4:5.8.8-10.el5_0.2
  • AND perl-suidperl is signed with Red Hat redhatrelease key
  • perl is earlier than 4:5.8.8-10.el5_0.2
  • AND perl is signed with Red Hat redhatrelease key
    • Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • perl is earlier than 2:5.8.0-97.EL3
  • AND perl is signed with Red Hat master key
  • perl-CGI is earlier than 2:2.89-97.EL3
  • AND perl-CGI is signed with Red Hat master key
  • perl-CPAN is earlier than 2:1.61-97.EL3
  • AND perl-CPAN is signed with Red Hat master key
  • perl-DB_File is earlier than 2:1.806-97.EL3
  • AND perl-DB_File is signed with Red Hat master key
  • perl-suidperl is earlier than 2:5.8.0-97.EL3
  • AND perl-suidperl is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • perl is earlier than 3:5.8.5-36.el4_5.2
  • AND perl is signed with Red Hat master key
  • perl-suidperl is earlier than 3:5.8.5-36.el4_5.2
  • AND perl-suidperl is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • perl is earlier than 4:5.8.8-10.el5_0.2
  • AND perl is signed with Red Hat redhatrelease key
  • perl-suidperl is earlier than 4:5.8.8-10.el5_0.2
  • AND perl-suidperl is signed with Red Hat redhatrelease key
    • Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • perl is earlier than 3:5.8.5-36.el4_5.2
  • AND perl is signed with Red Hat redhatrelease2 key
  • perl-suidperl is earlier than 3:5.8.5-36.el4_5.2
  • AND perl-suidperl is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • perl is earlier than 4:5.8.8-10.el5_0.2
  • AND perl is signed with Red Hat redhatrelease2 key
  • perl-suidperl is earlier than 4:5.8.8-10.el5_0.2
  • AND perl-suidperl is signed with Red Hat redhatrelease2 key
    • BACK