A new update is available for Fedora Core - [SECURITY] Fedora Core 3 Update: perl-5.8.5-22.FC3. Here the announcement:
Fedora Update Notification
FEDORA-2005-1145
2005-12-14
---------------------------------------------------------------------
Product : Fedora Core 3
Name : perl
Version : 5.8.5
Release : 22.FC3
Summary : The Perl programming language.
Description :
Perl is a high-level programming language with roots in C, sed, awk
and shell scripting. Perl is good at handling processes and files,
and is especially good at handling text. Perl's hallmarks are
practicality and efficiency. While it is used to do a lot of
different things, Perl's most common applications are system
administration utilities and web programming. A large proportion of
the CGI scripts on the web are written in Perl. You need the perl
package installed on your system so that your system can handle Perl
scripts.
Install this package if you want to program in Perl or enable your
system to handle Perl scripts.
---------------------------------------------------------------------
Update Information:
o Updated upstream fix for sprintf integer overflow
vulnerabilities CVE-2005-3962 and CVE-2005-3912,
including new Sys::Syslog 0.08
o Updated fix fo bug 136009 / MakeMaker LD_RUN_PATH issue:
restore previous default Red Hat behavior of removing the
MakeMaker generated LD_RUN_PATH setting from the link
command . Document this removal, as it contravenes upstream
default behavior, and provide a USE_MM_LD_RUN_PATH
MakeMaker member to enable use of the MakeMaker generated
LD_RUN_PATH .
---------------------------------------------------------------------
* Mon Dec 12 2005 Jason Vas Dias <jvdias@redhat.com> - 2:5.8.5-22.FC3
- Further enhancements to sprintf integer overflow patch (CVE-2005-3962 / bz174717 )
(Upstream patches 26282, 26283, 26284, 26322, 26331, 26333)
- Fix CVE-2004-0976 / bz136325: fix issues with solardesigner's patch
to perldbtty.pl and c2ph.PL, pointed out by Pekka Savola and David Eisenstein
- Fix bug 136009 / MakeMaker LD_RUN_PATH issue:
restore previous default Red Hat behavior of removing the MakeMaker
generated LD_RUN_PATH setting from the link command .
Document this removal, as it contravenes upstream default behavior, and
provide a USE_MM_LD_RUN_PATH MakeMaker member to enable use of the
MakeMaker generated LD_RUN_PATH .
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
a7e2fe1ff4bab8c156872419c2a50f81 SRPMS/perl-5.8.5-22.FC3.src.rpm
6598fa75ba5eaa3801fdfe95f2b752f9 x86_64/perl-5.8.5-22.FC3.x86_64.rpm
feed555aa60c86f50684cc2cbd560e85 x86_64/perl-suidperl-5.8.5-22.FC3.x86_64.rpm
66710a6478deb5007bd9e820ce37f838 x86_64/debug/perl-debuginfo-5.8.5-22.FC3.x86_64.rpm
4adeb9e9cb1d97f7f8ac58bda28df906 i386/perl-5.8.5-22.FC3.i386.rpm
f7ac6cfd6e4af95a440eb642543bbe1e i386/perl-suidperl-5.8.5-22.FC3.i386.rpm
6ff3d018dc179f24519073b019614b43 i386/debug/perl-debuginfo-5.8.5-22.FC3.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.