| Description: | Description:
The remote host is missing an update to perl
announced via advisory FEDORA-2005-1145.
o Updated upstream fix for sprintf integer overflow
vulnerabilities CVE-2005-3962 and CVE-2005-3912,
including new Sys::Syslog 0.08
o Updated fix fo bug 136009 / MakeMaker LD_RUN_PATH issue:
restore previous default Red Hat behavior of removing the
MakeMaker generated LD_RUN_PATH setting from the link
command . Document this removal, as it contravenes upstream
default behavior, and provide a USE_MM_LD_RUN_PATH
MakeMaker member to enable use of the MakeMaker generated
LD_RUN_PATH .
* Mon Dec 12 2005 Jason Vas Dias - 2:5.8.5-22.FC3
- Further enhancements to sprintf integer overflow patch (CVE-2005-3962 / bz174717 )
(Upstream patches 26282, 26283, 26284, 26322, 26331, 26333)
- Fix CVE-2004-0976 / bz136325: fix issues with solardesigner's patch
to perldbtty.pl and c2ph.PL, pointed out by Pekka Savola and David Eisenstein
- Fix bug 136009 / MakeMaker LD_RUN_PATH issue:
restore previous default Red Hat behavior of removing the MakeMaker
generated LD_RUN_PATH setting from the link command .
Document this removal, as it contravenes upstream default behavior, and
provide a USE_MM_LD_RUN_PATH MakeMaker member to enable use of the
MakeMaker generated LD_RUN_PATH .
Solution: Apply the appropriate updates.
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
This update can also be installed with the Update Agent
you can
launch the Update Agent with the 'up2date' command.
http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2005-1145
Risk factor : High
CVSS Score:
7.5
|
