Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Important: perl security update
Advisory ID:       RHSA-2007:0966-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-0966.html
Issue date:        2007-11-05
Updated on:        2007-11-05
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2007-5116 
- ---------------------------------------------------------------------

1. Summary:

Updated Perl packages that fix a security issue are now available for Red
Hat Enterprise Linux 3, 4, and 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

Perl is a high-level programming language commonly used for system
administration utilities and Web programming.

A flaw was found in Perl's regular expression engine. Specially crafted
input to a regular expression can cause Perl to improperly allocate memory,
possibly resulting in arbitrary code running with the permissions of the
user running Perl. (CVE-2007-5116)

Users of Perl are advised to upgrade to these updated packages, which
contain a backported patch to resolve this issue.

Red Hat would like to thank Tavis Ormandy and Will Drewry for properly
disclosing this issue.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  

This update is available via Red Hat Network.  Details on how to use 
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

323571 - CVE-2007-5116 perl regular expression UTF parsing errors

6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/perl-5.8.0-97.EL3.src.rpm
2e856bc3cc39e71d98848cfa162c6bfb  perl-5.8.0-97.EL3.src.rpm

i386:
08110ae481534b78aca8583e466d0d11  perl-5.8.0-97.EL3.i386.rpm
84b160db5c07c87cb35a5b0911778b6d  perl-CGI-2.89-97.EL3.i386.rpm
b8d85a465f3e1358d3f3646005f5247c  perl-CPAN-1.61-97.EL3.i386.rpm
55383931393e8ccfae6d20f5988878a1  perl-DB_File-1.806-97.EL3.i386.rpm
740d8f97dc683b8ce7d81889ea2caaf4  perl-debuginfo-5.8.0-97.EL3.i386.rpm
b9b06f99e1078fefc178582b03a508bf  perl-suidperl-5.8.0-97.EL3.i386.rpm

ia64:
8daacbf394685b47dcd68cb3a1c87bee  perl-5.8.0-97.EL3.ia64.rpm
46b2846b37ca14e8e4ebd960435a2e3a  perl-CGI-2.89-97.EL3.ia64.rpm
dc6f8cad4ca4779ff43fad3d99599d87  perl-CPAN-1.61-97.EL3.ia64.rpm
ba5572804a0300adcf821914806bfed1  perl-DB_File-1.806-97.EL3.ia64.rpm
1e9a1cccea333cd08b27c48793163ffb  perl-debuginfo-5.8.0-97.EL3.ia64.rpm
e0944c1db59ba589012b7dac36521de9  perl-suidperl-5.8.0-97.EL3.ia64.rpm

ppc:
e615fd2475ce99ca74d5a4956b042f77  perl-5.8.0-97.EL3.ppc.rpm
795d3acbb9c53adc03d794fc149b68ee  perl-CGI-2.89-97.EL3.ppc.rpm
6db24a415cbd5ec6d4cf010c8e438191  perl-CPAN-1.61-97.EL3.ppc.rpm
3c187eb1c14ba3abb3e995b98f3252c7  perl-DB_File-1.806-97.EL3.ppc.rpm
ae0a212933e8b2c1e3c0d77f1e64c39c  perl-debuginfo-5.8.0-97.EL3.ppc.rpm
c5f452f0c24cc1d8481eaaf01ac328e2  perl-suidperl-5.8.0-97.EL3.ppc.rpm

s390:
2a72259ab24620832ecb561959117eed  perl-5.8.0-97.EL3.s390.rpm
12183a27b2ff2de7d789e8aa5f1108b5  perl-CGI-2.89-97.EL3.s390.rpm
428a1688d05660f07bc492147d041bad  perl-CPAN-1.61-97.EL3.s390.rpm
3096dd9080963cfceeac8bf95261f01d  perl-DB_File-1.806-97.EL3.s390.rpm
39842e40fa258dd16f3b434df44eba4a  perl-debuginfo-5.8.0-97.EL3.s390.rpm
c3bd3d5726b222cd77e15cfecf5efda5  perl-suidperl-5.8.0-97.EL3.s390.rpm

s390x:
52f0e7173410f550c5c26bbe79f7f29d  perl-5.8.0-97.EL3.s390x.rpm
878d39ad48bac5bc724083d6fafc5bac  perl-CGI-2.89-97.EL3.s390x.rpm
3f3b35f013b39d6f736d832b4a877be2  perl-CPAN-1.61-97.EL3.s390x.rpm
3ce11d8210bd2a35484c4e66eae587e4  perl-DB_File-1.806-97.EL3.s390x.rpm
efee43aed37dbe6750cf9d2a96edb630  perl-debuginfo-5.8.0-97.EL3.s390x.rpm
96df21531273fa0e5ea61a2e94274535  perl-suidperl-5.8.0-97.EL3.s390x.rpm

x86_64:
019400b949f68db6ee1922ffb9dec9fa  perl-5.8.0-97.EL3.x86_64.rpm
297b7c738c1eed805e55121c575153e8  perl-CGI-2.89-97.EL3.x86_64.rpm
9fe0bfb15b169b385af387b3a72a1227  perl-CPAN-1.61-97.EL3.x86_64.rpm
0ba63fa437a712587b758160ca6b3570  perl-DB_File-1.806-97.EL3.x86_64.rpm
e332067ed6df2e02478d11d218b9dec3  perl-debuginfo-5.8.0-97.EL3.x86_64.rpm
0179496930519b1954ec9f50f3aefb1d  perl-suidperl-5.8.0-97.EL3.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/perl-5.8.0-97.EL3.src.rpm
2e856bc3cc39e71d98848cfa162c6bfb  perl-5.8.0-97.EL3.src.rpm

i386:
08110ae481534b78aca8583e466d0d11  perl-5.8.0-97.EL3.i386.rpm
84b160db5c07c87cb35a5b0911778b6d  perl-CGI-2.89-97.EL3.i386.rpm
b8d85a465f3e1358d3f3646005f5247c  perl-CPAN-1.61-97.EL3.i386.rpm
55383931393e8ccfae6d20f5988878a1  perl-DB_File-1.806-97.EL3.i386.rpm
740d8f97dc683b8ce7d81889ea2caaf4  perl-debuginfo-5.8.0-97.EL3.i386.rpm
b9b06f99e1078fefc178582b03a508bf  perl-suidperl-5.8.0-97.EL3.i386.rpm

x86_64:
019400b949f68db6ee1922ffb9dec9fa  perl-5.8.0-97.EL3.x86_64.rpm
297b7c738c1eed805e55121c575153e8  perl-CGI-2.89-97.EL3.x86_64.rpm
9fe0bfb15b169b385af387b3a72a1227  perl-CPAN-1.61-97.EL3.x86_64.rpm
0ba63fa437a712587b758160ca6b3570  perl-DB_File-1.806-97.EL3.x86_64.rpm
e332067ed6df2e02478d11d218b9dec3  perl-debuginfo-5.8.0-97.EL3.x86_64.rpm
0179496930519b1954ec9f50f3aefb1d  perl-suidperl-5.8.0-97.EL3.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/perl-5.8.0-97.EL3.src.rpm
2e856bc3cc39e71d98848cfa162c6bfb  perl-5.8.0-97.EL3.src.rpm

i386:
08110ae481534b78aca8583e466d0d11  perl-5.8.0-97.EL3.i386.rpm
84b160db5c07c87cb35a5b0911778b6d  perl-CGI-2.89-97.EL3.i386.rpm
b8d85a465f3e1358d3f3646005f5247c  perl-CPAN-1.61-97.EL3.i386.rpm
55383931393e8ccfae6d20f5988878a1  perl-DB_File-1.806-97.EL3.i386.rpm
740d8f97dc683b8ce7d81889ea2caaf4  perl-debuginfo-5.8.0-97.EL3.i386.rpm
b9b06f99e1078fefc178582b03a508bf  perl-suidperl-5.8.0-97.EL3.i386.rpm

ia64:
8daacbf394685b47dcd68cb3a1c87bee  perl-5.8.0-97.EL3.ia64.rpm
46b2846b37ca14e8e4ebd960435a2e3a  perl-CGI-2.89-97.EL3.ia64.rpm
dc6f8cad4ca4779ff43fad3d99599d87  perl-CPAN-1.61-97.EL3.ia64.rpm
ba5572804a0300adcf821914806bfed1  perl-DB_File-1.806-97.EL3.ia64.rpm
1e9a1cccea333cd08b27c48793163ffb  perl-debuginfo-5.8.0-97.EL3.ia64.rpm
e0944c1db59ba589012b7dac36521de9  perl-suidperl-5.8.0-97.EL3.ia64.rpm

x86_64:
019400b949f68db6ee1922ffb9dec9fa  perl-5.8.0-97.EL3.x86_64.rpm
297b7c738c1eed805e55121c575153e8  perl-CGI-2.89-97.EL3.x86_64.rpm
9fe0bfb15b169b385af387b3a72a1227  perl-CPAN-1.61-97.EL3.x86_64.rpm
0ba63fa437a712587b758160ca6b3570  perl-DB_File-1.806-97.EL3.x86_64.rpm
e332067ed6df2e02478d11d218b9dec3  perl-debuginfo-5.8.0-97.EL3.x86_64.rpm
0179496930519b1954ec9f50f3aefb1d  perl-suidperl-5.8.0-97.EL3.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/perl-5.8.0-97.EL3.src.rpm
2e856bc3cc39e71d98848cfa162c6bfb  perl-5.8.0-97.EL3.src.rpm

i386:
08110ae481534b78aca8583e466d0d11  perl-5.8.0-97.EL3.i386.rpm
84b160db5c07c87cb35a5b0911778b6d  perl-CGI-2.89-97.EL3.i386.rpm
b8d85a465f3e1358d3f3646005f5247c  perl-CPAN-1.61-97.EL3.i386.rpm
55383931393e8ccfae6d20f5988878a1  perl-DB_File-1.806-97.EL3.i386.rpm
740d8f97dc683b8ce7d81889ea2caaf4  perl-debuginfo-5.8.0-97.EL3.i386.rpm
b9b06f99e1078fefc178582b03a508bf  perl-suidperl-5.8.0-97.EL3.i386.rpm

ia64:
8daacbf394685b47dcd68cb3a1c87bee  perl-5.8.0-97.EL3.ia64.rpm
46b2846b37ca14e8e4ebd960435a2e3a  perl-CGI-2.89-97.EL3.ia64.rpm
dc6f8cad4ca4779ff43fad3d99599d87  perl-CPAN-1.61-97.EL3.ia64.rpm
ba5572804a0300adcf821914806bfed1  perl-DB_File-1.806-97.EL3.ia64.rpm
1e9a1cccea333cd08b27c48793163ffb  perl-debuginfo-5.8.0-97.EL3.ia64.rpm
e0944c1db59ba589012b7dac36521de9  perl-suidperl-5.8.0-97.EL3.ia64.rpm

x86_64:
019400b949f68db6ee1922ffb9dec9fa  perl-5.8.0-97.EL3.x86_64.rpm
297b7c738c1eed805e55121c575153e8  perl-CGI-2.89-97.EL3.x86_64.rpm
9fe0bfb15b169b385af387b3a72a1227  perl-CPAN-1.61-97.EL3.x86_64.rpm
0ba63fa437a712587b758160ca6b3570  perl-DB_File-1.806-97.EL3.x86_64.rpm
e332067ed6df2e02478d11d218b9dec3  perl-debuginfo-5.8.0-97.EL3.x86_64.rpm
0179496930519b1954ec9f50f3aefb1d  perl-suidperl-5.8.0-97.EL3.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/perl-5.8.5-36.el4_5.2.src.rpm
daab18b1dafbe8d3176bc8be5d39b428  perl-5.8.5-36.el4_5.2.src.rpm

i386:
f1161acf28aa300ac3a56196e41bc0c0  perl-5.8.5-36.el4_5.2.i386.rpm
71f9fe459a1f55c07e74395caea1c960  perl-debuginfo-5.8.5-36.el4_5.2.i386.rpm
efc4e73d1b8afcb409b7e237442ae0b1  perl-suidperl-5.8.5-36.el4_5.2.i386.rpm

ia64:
7d7126bde8dce636b1829855a3179925  perl-5.8.5-36.el4_5.2.ia64.rpm
6a32482132d4ecc5176a3251daac6d55  perl-debuginfo-5.8.5-36.el4_5.2.ia64.rpm
5facb1cdc620ed11ef59d3bc1743c731  perl-suidperl-5.8.5-36.el4_5.2.ia64.rpm

ppc:
3ead10eac85b4511ba84c5caa2fcd4fe  perl-5.8.5-36.el4_5.2.ppc.rpm
90d3f87db8da1a5c64262a6789e21e72  perl-debuginfo-5.8.5-36.el4_5.2.ppc.rpm
f9e58d14af224e7e7a854af2b4c238a3  perl-suidperl-5.8.5-36.el4_5.2.ppc.rpm

s390:
083df771d205431a023ce3106b3abc62  perl-5.8.5-36.el4_5.2.s390.rpm
bb60f65df1e7ae736d85420fea4a5e5b  perl-debuginfo-5.8.5-36.el4_5.2.s390.rpm
15ff0e8a816551349bfcfdc0adb3cd52  perl-suidperl-5.8.5-36.el4_5.2.s390.rpm

s390x:
d337f71d48b8577bb6fb32497cf43799  perl-5.8.5-36.el4_5.2.s390x.rpm
db8498f048c019f311f85a8df10654af  perl-debuginfo-5.8.5-36.el4_5.2.s390x.rpm
195293ce097b26f3e219ba9697c66445  perl-suidperl-5.8.5-36.el4_5.2.s390x.rpm

x86_64:
d3b72a8a2577ad7fc59b05ee2c31c806  perl-5.8.5-36.el4_5.2.x86_64.rpm
6152ce32ff44dc9f6266ec7b689a2a6a  perl-debuginfo-5.8.5-36.el4_5.2.x86_64.rpm
de5d8bf1735c31e69aa74ce1921b7610  perl-suidperl-5.8.5-36.el4_5.2.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/perl-5.8.5-36.el4_5.2.src.rpm
daab18b1dafbe8d3176bc8be5d39b428  perl-5.8.5-36.el4_5.2.src.rpm

i386:
f1161acf28aa300ac3a56196e41bc0c0  perl-5.8.5-36.el4_5.2.i386.rpm
71f9fe459a1f55c07e74395caea1c960  perl-debuginfo-5.8.5-36.el4_5.2.i386.rpm
efc4e73d1b8afcb409b7e237442ae0b1  perl-suidperl-5.8.5-36.el4_5.2.i386.rpm

x86_64:
d3b72a8a2577ad7fc59b05ee2c31c806  perl-5.8.5-36.el4_5.2.x86_64.rpm
6152ce32ff44dc9f6266ec7b689a2a6a  perl-debuginfo-5.8.5-36.el4_5.2.x86_64.rpm
de5d8bf1735c31e69aa74ce1921b7610  perl-suidperl-5.8.5-36.el4_5.2.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/perl-5.8.5-36.el4_5.2.src.rpm
daab18b1dafbe8d3176bc8be5d39b428  perl-5.8.5-36.el4_5.2.src.rpm

i386:
f1161acf28aa300ac3a56196e41bc0c0  perl-5.8.5-36.el4_5.2.i386.rpm
71f9fe459a1f55c07e74395caea1c960  perl-debuginfo-5.8.5-36.el4_5.2.i386.rpm
efc4e73d1b8afcb409b7e237442ae0b1  perl-suidperl-5.8.5-36.el4_5.2.i386.rpm

ia64:
7d7126bde8dce636b1829855a3179925  perl-5.8.5-36.el4_5.2.ia64.rpm
6a32482132d4ecc5176a3251daac6d55  perl-debuginfo-5.8.5-36.el4_5.2.ia64.rpm
5facb1cdc620ed11ef59d3bc1743c731  perl-suidperl-5.8.5-36.el4_5.2.ia64.rpm

x86_64:
d3b72a8a2577ad7fc59b05ee2c31c806  perl-5.8.5-36.el4_5.2.x86_64.rpm
6152ce32ff44dc9f6266ec7b689a2a6a  perl-debuginfo-5.8.5-36.el4_5.2.x86_64.rpm
de5d8bf1735c31e69aa74ce1921b7610  perl-suidperl-5.8.5-36.el4_5.2.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/perl-5.8.5-36.el4_5.2.src.rpm
daab18b1dafbe8d3176bc8be5d39b428  perl-5.8.5-36.el4_5.2.src.rpm

i386:
f1161acf28aa300ac3a56196e41bc0c0  perl-5.8.5-36.el4_5.2.i386.rpm
71f9fe459a1f55c07e74395caea1c960  perl-debuginfo-5.8.5-36.el4_5.2.i386.rpm
efc4e73d1b8afcb409b7e237442ae0b1  perl-suidperl-5.8.5-36.el4_5.2.i386.rpm

ia64:
7d7126bde8dce636b1829855a3179925  perl-5.8.5-36.el4_5.2.ia64.rpm
6a32482132d4ecc5176a3251daac6d55  perl-debuginfo-5.8.5-36.el4_5.2.ia64.rpm
5facb1cdc620ed11ef59d3bc1743c731  perl-suidperl-5.8.5-36.el4_5.2.ia64.rpm

x86_64:
d3b72a8a2577ad7fc59b05ee2c31c806  perl-5.8.5-36.el4_5.2.x86_64.rpm
6152ce32ff44dc9f6266ec7b689a2a6a  perl-debuginfo-5.8.5-36.el4_5.2.x86_64.rpm
de5d8bf1735c31e69aa74ce1921b7610  perl-suidperl-5.8.5-36.el4_5.2.x86_64.rpm

Red Hat Enterprise Linux Desktop (v. 5 client):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/perl-5.8.8-10.el5_0.2.src.rpm
80ae3681c13ce42f0ca7f7b0d3f65ad9  perl-5.8.8-10.el5_0.2.src.rpm

i386:
4c75d8927b2d9b48ea8eff28bd815f58  perl-5.8.8-10.el5_0.2.i386.rpm
fe7c4efeb215effd89f4b651dbd6ee29  perl-debuginfo-5.8.8-10.el5_0.2.i386.rpm
069f811d020867de13242a28c1050cfb  perl-suidperl-5.8.8-10.el5_0.2.i386.rpm

x86_64:
7fb4459c9e02e7b698b72a1cf885ddd1  perl-5.8.8-10.el5_0.2.x86_64.rpm
58269ad060a5dcdb8522ec496aa9784b  perl-debuginfo-5.8.8-10.el5_0.2.x86_64.rpm
8dbbca6942da4350cb3921ded784055f  perl-suidperl-5.8.8-10.el5_0.2.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/perl-5.8.8-10.el5_0.2.src.rpm
80ae3681c13ce42f0ca7f7b0d3f65ad9  perl-5.8.8-10.el5_0.2.src.rpm

i386:
4c75d8927b2d9b48ea8eff28bd815f58  perl-5.8.8-10.el5_0.2.i386.rpm
fe7c4efeb215effd89f4b651dbd6ee29  perl-debuginfo-5.8.8-10.el5_0.2.i386.rpm
069f811d020867de13242a28c1050cfb  perl-suidperl-5.8.8-10.el5_0.2.i386.rpm

ia64:
92ac4f52c137c7406da353b7d8463034  perl-5.8.8-10.el5_0.2.ia64.rpm
df83934e1aca8c50ac331822f054eb20  perl-debuginfo-5.8.8-10.el5_0.2.ia64.rpm
50749b5171123f123890bd9cc5dd07d6  perl-suidperl-5.8.8-10.el5_0.2.ia64.rpm

ppc:
8820cedc46e66a62e5fdd1ac949c4b8f  perl-5.8.8-10.el5_0.2.ppc.rpm
d0ed851ad533205fa5cca7099337af41  perl-debuginfo-5.8.8-10.el5_0.2.ppc.rpm
702ab8dfbb86555057782d04e6892ed5  perl-suidperl-5.8.8-10.el5_0.2.ppc.rpm

s390x:
05056e414bd207108f1a4b46f4186631  perl-5.8.8-10.el5_0.2.s390x.rpm
f9f28930496ed8dbaa84573a573c9279  perl-debuginfo-5.8.8-10.el5_0.2.s390x.rpm
1542ed29a717c3cb39cf521c7ff11caf  perl-suidperl-5.8.8-10.el5_0.2.s390x.rpm

x86_64:
7fb4459c9e02e7b698b72a1cf885ddd1  perl-5.8.8-10.el5_0.2.x86_64.rpm
58269ad060a5dcdb8522ec496aa9784b  perl-debuginfo-5.8.8-10.el5_0.2.x86_64.rpm
8dbbca6942da4350cb3921ded784055f  perl-suidperl-5.8.8-10.el5_0.2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5116
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFHL0S0XlSAg2UNWIIRAtsOAJ4kMVBGRohsuJMB12k5McaG5J2xEQCfR736
AF9SXL0qcaLJG8IuR4VFHNk=
=C25p
-----END PGP SIGNATURE-----




© 1998-2024 E-Soft Inc. All rights reserved.