Security update for Perl

SUSE Security Update: Security update for Perl
Announcement ID: SUSE-SU-2013:0442-1
Rating: important
References: #788388 #789994 #796014 #797060 #804415
Affected Products:
  • SUSE Linux Enterprise Server 10 SP4
  • SUSE Linux Enterprise Desktop 10 SP4

  • An update that solves one vulnerability and has four fixes is now available.

    Description:


    This update of Perl 5 fixes the following security issues:

    * fix rehash DoS [bnc#804415] [CVE-2013-1667]
    * improve CGI crlf escaping [bnc#789994] [CVE-2012-5526]
    * fix glob denial of service [bnc#796014]
    [CVE-2011-2728]
    * sanitize input in Maketext.pm [bnc#797060]
    [CVE-2012-6329]
    * make getgrent work with long group entries
    [bnc#788388]

    Security Issue reference:

    * CVE-2013-1667
    >

    Package List:

    • SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):
    • perl-5.8.8-14.21.3
    • SUSE Linux Enterprise Server 10 SP4 (s390x x86_64):
    • perl-32bit-5.8.8-14.21.3
    • SUSE Linux Enterprise Server 10 SP4 (ia64):
    • perl-x86-5.8.8-14.21.3
    • SUSE Linux Enterprise Server 10 SP4 (ppc):
    • perl-64bit-5.8.8-14.21.3
    • SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):
    • perl-5.8.8-14.21.3
    • SUSE Linux Enterprise Desktop 10 SP4 (x86_64):
    • perl-32bit-5.8.8-14.21.3

    References:

    • http://support.novell.com/security/cve/CVE-2013-1667.html
    • https://bugzilla.novell.com/788388
    • https://bugzilla.novell.com/789994
    • https://bugzilla.novell.com/796014
    • https://bugzilla.novell.com/797060
    • https://bugzilla.novell.com/804415
    • http://download.suse.com/patch/finder/?keywords=ed1929d51b82752f08399dada0ae2769