[Bug 174684] CVE-2005-3962 Perl integer overflow issue
bugzilla at redhat.com
bugzilla at redhat.com
Thu Dec 8 19:12:19 UTC 2005
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: CVE-2005-3962 Perl integer overflow issue
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174684
------- Additional Comments From jvdias at redhat.com 2005-12-08 14:12 EST -------
The upstream perl maintainers have combined the above patch #26244 with
other sprintf improvements to deal with Sys::Syslog security vulnerabilities,
which are also the subject of CVE-2005-3912 ( CVE-2005-3962 has now been
raised on this specific integer overflow issue ). It is recommended to
apply upstream patches 26235 to 26240 inclusive and 26244 to solve these
issues - I've attached the patches sent by Nicholas Clark, the upstream
perl maintainer, to this bug.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
More information about the perl-devel
mailing list