A new update is available for Fedora Core - [SECURITY] Fedora Core 4 Update: perl-5.8.6-22. Here the announcement:
Fedora Update Notification
FEDORA-2005-1144
2005-12-14
---------------------------------------------------------------------
Product : Fedora Core 4
Name : perl
Version : 5.8.6
Release : 22
Summary : The Perl programming language.
Description :
Perl is a high-level programming language with roots in C, sed, awk
and shell scripting. Perl is good at handling processes and files,
and is especially good at handling text. Perl's hallmarks are
practicality and efficiency. While it is used to do a lot of
different things, Perl's most common applications are system
administration utilities and web programming. A large proportion of
the CGI scripts on the web are written in Perl. You need the perl
package installed on your system so that your system can handle Perl
scripts.
Install this package if you want to program in Perl or enable your
system to handle Perl scripts.
---------------------------------------------------------------------
Update Information:
o Updated upstream fix for sprintf integer overflow
vulnerabilities CVE-2005-3962 and CVE-2005-3912,
including new Sys::Syslog 0.08
o Updated fix fo bug 136009 / MakeMaker LD_RUN_PATH issue:
restore previous default Red Hat behavior of removing the
MakeMaker generated LD_RUN_PATH setting from the link
command .Document this removal, as it contravenes upstream
default behavior, and provide a USE_MM_LD_RUN_PATH
MakeMaker member to enable use of the MakeMaker generated
LD_RUN_PATH .
---------------------------------------------------------------------
* Wed Dec 14 2005 Jason Vas Dias <jvdias@redhat.com> - 3:5.8.6-22
- Updated upstream patches for CVE-2005-3962: 26322 , 26331, 26333
- fix bug 175467: perl5db.pl's perldbtty now defaults to $HOME/.perldbtty$$ .
* Fri Dec 9 2005 Jason Vas Dias <jvdias@redhat.com> - 3.5.8.6-20
- Apply upstream patches 26283 and 26284 : complete, revised fixes
for CVE-2005-3962 and CVE-2005-3912 and
"Sys::Syslog security vulnerabilities" issues.
- Fix bug 136009 / MakeMaker LD_RUN_PATH issue:
restore previous default Red Hat behavior of removing the MakeMaker
generated LD_RUN_PATH setting from the link command .
Document this removal, as it contravenes upstream default behavior, and
provide a USE_MM_LD_RUN_PATH MakeMaker member to enable use of the
MakeMaker generated LD_RUN_PATH .
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
66018e9d9dff5a8609ec6d5b7103b9d6 SRPMS/perl-5.8.6-22.src.rpm
a09a94f2d285132b3b71e5414aa2f379 ppc/perl-5.8.6-22.ppc.rpm
ae4ec1b9ac3f80dd4977cac7e488a3c3 ppc/perl-suidperl-5.8.6-22.ppc.rpm
3f494c22aea1ff69930271b9e53b1dc8 ppc/debug/perl-debuginfo-5.8.6-22.ppc.rpm
7a7461c9f09a1863888de6f85fe2013b x86_64/perl-5.8.6-22.x86_64.rpm
97eb6d680aeecf2fc99ead7eee62d0da x86_64/perl-suidperl-5.8.6-22.x86_64.rpm
79a8ab516cb39f38254ea7b32a45f75c x86_64/debug/perl-debuginfo-5.8.6-22.x86_64.rpm
92652e5ef0b5661e2b91bfa99771fd9c i386/perl-5.8.6-22.i386.rpm
6de0f082d701e5f85d4d553c4ddb84aa i386/perl-suidperl-5.8.6-22.i386.rpm
4134675f84896f885d601811c1656570 i386/debug/perl-debuginfo-5.8.6-22.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.