[SECURITY] Fedora 7 Update: perl-5.8.8-29.fc7

Tue Apr 29 20:59:30 UTC 2008

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-3399
2008-04-29 20:29:23
--------------------------------------------------------------------------------

Name        : perl
Product     : Fedora 7
Version     : 5.8.8
Release     : 29.fc7
URL         : http://www.perl.org/
Summary     : The Perl programming language
Description :
Perl is a high-level programming language with roots in C, sed, awk
and shell scripting.  Perl is good at handling processes and files,
and is especially good at handling text.  Perl's hallmarks are
practicality and efficiency.  While it is used to do a lot of
different things, Perl's most common applications are system
administration utilities and web programming.  A large proportion of
the CGI scripts on the web are written in Perl.  You need the perl
package installed on your system so that your system can handle Perl
scripts.

Install this package if you want to program in Perl or enable your
system to handle Perl scripts.

--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 29 2008 Marcela Maslanova <mmaslano at redhat.com> - 4:5.8.8-29
- CVE-2008-1927 buffer overflow, when unicode character is used.
* Thu Jan 31 2008 Tom "spot" Callaway <tcallawa at redhat.com> - 4:5.8.8-28
- create /usr/lib/perl5/vendor_perl/5.8.8/auto and own it
  in base perl (resolves bugzilla 214580)
* Mon Nov 26 2007 Tom "spot" Callaway <tcallawa at redhat.com> - 4:5.8.8-27
- break dep loop, fix bugzilla 397881
* Mon Nov 12 2007 Tom "spot" Callaway <tcallawa at redhat.com> - 4:5.8.8-26
- fix for CVE-2007-5116
* Thu Oct 25 2007 Tom "spot" Callaway <tcallawa at redhat.com> - 4:5.8.8-25
- patch from perl bug 24254, fix for RH bz 114271
* Mon Oct  1 2007 Tom "spot" Callaway <tcallawa at redhat.com> - 4:5.8.8-24
- update DB_File to 1.815
* Sat Aug 18 2007 Stepan Kasal <skasal at redhat.com> - 4:5.8.8-23
- Remove unnnecessary parens from the License tags.
* Sat Aug 18 2007 Stepan Kasal <skasal at redhat.com> - 4:5.8.8-22
- Fix the License: tags.
* Fri Aug 17 2007 Stepan Kasal <skasal at redhat.com> - 4:5.8.8-21
- Apply patch to skip hostname tests, since hostname lookup isn't
  available in Fedora buildroots by design.
* Fri Aug 17 2007 Stepan Kasal <skasal at redhat.com> - 4:5.8.8-20
- perl rpm requires the corresponding version of perl-libs rpm
- Resolves: rhbz#240540
* Fri Jun 22 2007 Robin Norwood <rnorwood at redhat.com> - 4:5.8.8-19
- Resolves: rhbz#196836
- Apply upstream patch #28775, which fixes an issue where reblessing
  overloaded objects incurs significant performance penalty
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #443928 - CVE-2008-1927 perl: double free on regular expressions with utf8 characters
        https://bugzilla.redhat.com/show_bug.cgi?id=443928
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update perl' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
http://fedoraproject.org/keys
--------------------------------------------------------------------------------