Perl doesn’t get all that many fixes for vulnerabilities, but it happens from time to time. The Ubuntu maintainers have been quick to update the package, and it is now ready in the respos. Fixing the vulnerabilities and updating the system is a really good idea.
“Markus Vervier discovered that Perl incorrectly handled nesting in the ata::Dumper module. An attacker could use this issue to cause Perl to consume memory and crash, resulting in a denial of service,” reads the security notice.
This is just one of the vulnerabilities found and fixed. For a more detailed description of the problems, you can see Canonical’s security notification. Users have been advised to upgrade their systems as soon as possible. If you haven’t upgraded in a while, you might pull more than just the Perl patch.
The flaws can be fixed if you upgrade your system to the latest libpng12-0 package specific to each distribution. To apply the patch, users will have to run the Update Manager application.
Source: http://linux.softpedia.com/blog/perl-vulnerabilities-closed-in-all-supported-ubuntu-oses-501302.shtml
Submitted by: Arnfried Walbrecht
Comments are closed.