[Rio-pm] Fwd: [Full-disclosure] [ MDVSA-2010:115 ] perl

Sábado Junho 12 06:16:13 PDT 2010

"Multiplas vulnerabilidades no Safe.pm"

Eu ri :)

On Sat, 12 Jun 2010, Oscar Marques wrote:

> Date: Sat, 12 Jun 2010 09:47:00 -0300
> From: Oscar Marques <oscarbm em gmail.com>
> Reply-To: Perl Mongers Rio de Janeiro <rio-pm em pm.org>
> To: Perl Mongers Rio de Janeiro <rio-pm em pm.org>
> Subject: [Rio-pm] Fwd: [Full-disclosure] [ MDVSA-2010:115 ] perl
> 
> ---------- Forwarded message ----------
> From: <security em mandriva.com>
> Date: 2010/6/11
> Subject: [Full-disclosure] [ MDVSA-2010:115 ] perl
> To: full-disclosure em lists.grok.org.uk
>
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> _______________________________________________________________________
>
> Mandriva Linux Security Advisory                         MDVSA-2010:115
> http://www.mandriva.com/security/
> _______________________________________________________________________
>
> Package : perl
> Date    : June 11, 2010
> Affected: 2009.0, 2009.1, Corporate 4.0, Enterprise Server 5.0,
>          Multi Network Firewall 2.0
> _______________________________________________________________________
>
> Problem Description:
>
> Multiple vulnerabilities has been discovered and corrected in
> Safe.pm which could lead to escalated privilegies (CVE-2010-1168,
> CVE-2010-1447). The updated packages have been patched to correct
> these issues.
> _______________________________________________________________________
>
> References:
>
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1168
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1447
> _______________________________________________________________________
>
> Updated Packages:
>
> Mandriva Linux 2009.0:
> 00d3098831f3c94fd3e301a2e9b3d3d2
> 2009.0/i586/perl-5.10.0-25.2mdv2009.0.i586.rpm
> 5eb7a1bda35c58f0bf353cfa845ef65e
> 2009.0/i586/perl-base-5.10.0-25.2mdv2009.0.i586.rpm
> e465d32e8e21049d63ebc6c44730b691
> 2009.0/i586/perl-devel-5.10.0-25.2mdv2009.0.i586.rpm
> 479cdd1789b4ddb41e9309ebf24ba418
> 2009.0/i586/perl-doc-5.10.0-25.2mdv2009.0.i586.rpm
> 7c0936a984a432ed2e1bfc44c0d09fc9
> 2009.0/i586/perl-suid-5.10.0-25.2mdv2009.0.i586.rpm
> 82a2602a2f8ae6cf3a675a6918e24d3e
> 2009.0/SRPMS/perl-5.10.0-25.2mdv2009.0.src.rpm
>
> Mandriva Linux 2009.0/X86_64:
> d3f41fadc8bd3688a8b0189eb1968c77
> 2009.0/x86_64/perl-5.10.0-25.2mdv2009.0.x86_64.rpm
> e5655094bbf5d1925db468ff707b8e18
> 2009.0/x86_64/perl-base-5.10.0-25.2mdv2009.0.x86_64.rpm
> 3c7aa589dfc884a80e4e70b269140d44
> 2009.0/x86_64/perl-devel-5.10.0-25.2mdv2009.0.x86_64.rpm
> 96691039825e0d138ecfb4f4731736ea
> 2009.0/x86_64/perl-doc-5.10.0-25.2mdv2009.0.x86_64.rpm
> 6854569c6281b018af7afbb2f3bc04ad
> 2009.0/x86_64/perl-suid-5.10.0-25.2mdv2009.0.x86_64.rpm
> 82a2602a2f8ae6cf3a675a6918e24d3e
> 2009.0/SRPMS/perl-5.10.0-25.2mdv2009.0.src.rpm
>
> Mandriva Linux 2009.1:
> 32ac91fdee352364f14770ec855e0375
> 2009.1/i586/perl-5.10.0-25.1mdv2009.1.i586.rpm
> a6d92fad394404c4f6e4ecdedf0ef3d0
> 2009.1/i586/perl-base-5.10.0-25.1mdv2009.1.i586.rpm
> 6ec44b6cd15d787afa051aa2f7a079a0
> 2009.1/i586/perl-devel-5.10.0-25.1mdv2009.1.i586.rpm
> 56cc85abe12ffc13e91c7d606c3f5a2f
> 2009.1/i586/perl-doc-5.10.0-25.1mdv2009.1.i586.rpm
> 6e5389395602f29f3678c9e8a5f1aa15
> 2009.1/i586/perl-suid-5.10.0-25.1mdv2009.1.i586.rpm
> d67bc28faa49cd0656ac8256c7cff801
> 2009.1/SRPMS/perl-5.10.0-25.1mdv2009.1.src.rpm
>
> Mandriva Linux 2009.1/X86_64:
> 5e955d0a68966fa5e8a408381e7046dd
> 2009.1/x86_64/perl-5.10.0-25.1mdv2009.1.x86_64.rpm
> 9de85776e7e93665721dce1731474229
> 2009.1/x86_64/perl-base-5.10.0-25.1mdv2009.1.x86_64.rpm
> 2dcc1876750306565ca77cfa69e83e2b
> 2009.1/x86_64/perl-devel-5.10.0-25.1mdv2009.1.x86_64.rpm
> 2a24a59f7557ecd5f9f231677b50fa00
> 2009.1/x86_64/perl-doc-5.10.0-25.1mdv2009.1.x86_64.rpm
> bb2d6a661623d31317822aeb7308b9dd
> 2009.1/x86_64/perl-suid-5.10.0-25.1mdv2009.1.x86_64.rpm
> d67bc28faa49cd0656ac8256c7cff801
> 2009.1/SRPMS/perl-5.10.0-25.1mdv2009.1.src.rpm
>
> Corporate 4.0:
> b326fe2db35f1dd9ac9169f9af6b5fc1
> corporate/4.0/i586/perl-5.8.7-3.6.20060mlcs4.i586.rpm
> 3283f2531e5d33008b61575d7c90cedd
> corporate/4.0/i586/perl-base-5.8.7-3.6.20060mlcs4.i586.rpm
> 2dea5e372272c9990fb79d5e0b3d4c16
> corporate/4.0/i586/perl-devel-5.8.7-3.6.20060mlcs4.i586.rpm
> 245ea4f820b232d147045b1e02e1bbb5
> corporate/4.0/i586/perl-doc-5.8.7-3.6.20060mlcs4.i586.rpm
> 3e2bad0ffc7ed43c865c6ae1b76f05ef
> corporate/4.0/i586/perl-suid-5.8.7-3.6.20060mlcs4.i586.rpm
> 65dfaa9de6379b4d1f7a7b996b6af8be
> corporate/4.0/SRPMS/perl-5.8.7-3.6.20060mlcs4.src.rpm
>
> Corporate 4.0/X86_64:
> 2bb0dc22bd0bae5dd123d95f7f304934
> corporate/4.0/x86_64/perl-5.8.7-3.6.20060mlcs4.x86_64.rpm
> 54dd2c26efb5f0b83f8f82cc6da12e46
> corporate/4.0/x86_64/perl-base-5.8.7-3.6.20060mlcs4.x86_64.rpm
> 15f9345bd763e98aff10ffc36811f699
> corporate/4.0/x86_64/perl-devel-5.8.7-3.6.20060mlcs4.x86_64.rpm
> 297218e6bf27da8dd414078b36218757
> corporate/4.0/x86_64/perl-doc-5.8.7-3.6.20060mlcs4.x86_64.rpm
> 526f48beb05b4175e867bc1ec852fa77
> corporate/4.0/x86_64/perl-suid-5.8.7-3.6.20060mlcs4.x86_64.rpm
> 65dfaa9de6379b4d1f7a7b996b6af8be
> corporate/4.0/SRPMS/perl-5.8.7-3.6.20060mlcs4.src.rpm
>
> Mandriva Enterprise Server 5:
> 95bfe8ce07733fe7ec7890bacf1770f5
> mes5/i586/perl-5.10.0-25.2mdvmes5.1.i586.rpm
> 04d8c9d3262848cae5211d136c83b995
> mes5/i586/perl-base-5.10.0-25.2mdvmes5.1.i586.rpm
> 8186d5d14d1aec46e27b12540c98673a
> mes5/i586/perl-devel-5.10.0-25.2mdvmes5.1.i586.rpm
> 0f13e7c3e3ed27b539e1f1cb8a881be2
> mes5/i586/perl-doc-5.10.0-25.2mdvmes5.1.i586.rpm
> 4e9f1aae20148662c3dee770a792f55c
> mes5/i586/perl-suid-5.10.0-25.2mdvmes5.1.i586.rpm
> d9e5230e96aa99ef5c5a5c52e3061c4a
> mes5/SRPMS/perl-5.10.0-25.2mdvmes5.1.src.rpm
>
> Mandriva Enterprise Server 5/X86_64:
> 869dfeea157fc17cedf1e9e66ddb3bb9
> mes5/x86_64/perl-5.10.0-25.2mdvmes5.1.x86_64.rpm
> b20b2f46b7a74f8e98e19c8b917e6292
> mes5/x86_64/perl-base-5.10.0-25.2mdvmes5.1.x86_64.rpm
> 116dc346f811a5cd6bfaec340b79aac1
> mes5/x86_64/perl-devel-5.10.0-25.2mdvmes5.1.x86_64.rpm
> 75d5d76d48f16ea5af6e5a903e553d43
> mes5/x86_64/perl-doc-5.10.0-25.2mdvmes5.1.x86_64.rpm
> c0067e1c7f55bfffc7f7527a4268b6c8
> mes5/x86_64/perl-suid-5.10.0-25.2mdvmes5.1.x86_64.rpm
> d9e5230e96aa99ef5c5a5c52e3061c4a
> mes5/SRPMS/perl-5.10.0-25.2mdvmes5.1.src.rpm
>
> Multi Network Firewall 2.0:
> 116523d57e391e8200aa088228b97c6a
> mnf/2.0/i586/perl-5.8.3-5.9.M20mdk.i586.rpm
> c618fe9ae03b5631f77b601e1cc3261c
> mnf/2.0/i586/perl-base-5.8.3-5.9.M20mdk.i586.rpm
> 3ecda619d7cc1afe47b1bbfafa0b9672
> mnf/2.0/i586/perl-devel-5.8.3-5.9.M20mdk.i586.rpm
> 04bfa6b5384b173164912fc4adad9459
> mnf/2.0/i586/perl-doc-5.8.3-5.9.M20mdk.i586.rpm
> 72247c85df7d57f488f9792eb88d2b3d
> mnf/2.0/SRPMS/perl-5.8.3-5.9.M20mdk.src.rpm
> _______________________________________________________________________
>
> To upgrade automatically use MandrivaUpdate or urpmi.  The verification
> of md5 checksums and GPG signatures is performed automatically for you.
>
> All packages are signed by Mandriva for security.  You can obtain the
> GPG public key of the Mandriva Security Team by executing:
>
> gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
>
> You can view other update advisories for Mandriva Linux at:
>
> http://www.mandriva.com/security/advisories
>
> If you want to report vulnerabilities, please contact
>
> security_(at)_mandriva.com
> _______________________________________________________________________
>
> Type Bits/KeyID     Date       User ID
> pub  1024D/22458A98 2000-07-10 Mandriva Security Team
> <security*mandriva.com>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
>
> iD8DBQFMEnfBmqjQ0CJFipgRAjqEAJsErSC9PCwvbWa5h7royEJCuAjytgCgm3a2
> NFcHdnhcspKfkVASVXYME3A=
> =3PM8
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

-- 
-------------- Próxima Parte ----------
_______________________________________________
Rio-pm mailing list
Rio-pm em pm.org
http://mail.pm.org/mailman/listinfo/rio-pm