gronod/lfs
1
0
Fork 0
mirror of https://git.linuxfromscratch.org/lfs.git synced 2025-01-18 21:17:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Added a patch to fix the sprintf security vulnerability in Perl.

Browse Source 
Thanks to Tim van der Molen for pointing it out.


git-svn-id: http://svn.linuxfromscratch.org/LFS/trunk/BOOK@7284 4aa44e1e-78dd-0310-a6d2-fbcd4c07a689
This commit is contained in:
Jeremy Huntwork 2006-01-20 14:22:56 +00:00
parent d93d1c90ae
commit 11cbbb0452
4 changed files with 19 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
chapter01/changelog.xml
View File

@ -35,6 +35,17 @@
</itemizedlist>
</listitem>
-->
<listitem>
<para>January 20, 2006</para>
<itemizedlist>
<listitem>
<para>[jhuntwork] - Added a patch to fix the sprintf security
vulnerability in Perl. Thanks to Tim van der Molen for pointing it out.</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>January 17, 2006</para>
<itemizedlist>
@ -45,7 +56,6 @@
</itemizedlist>
</listitem>
<listitem>
<para>January 10, 2006</para>
<itemizedlist>

5
chapter06/perl.xml
View File

@ -28,6 +28,11 @@ Gawk, GCC, Glibc, Grep, Make, and Sed</seg></seglistitem>
<sect2 role="installation">
<title>Installation of Perl</title>
<para>A security vulnerability exists in Perl's sprintf function. Apply the
following patch to fix it.</para>
<screen><userinput>patch -Np1 -i ../&perl-sprintf-patch;</userinput></screen>
<para>First create a basic <filename>/etc/hosts</filename> file which will be
referenced in one of Perl's configuration files as well as being used used by
the testsuite if you run that.</para>

4
general.ent
View File

@ -1,6 +1,6 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<!ENTITY version "SVN-20060117">
<!ENTITY releasedate "January 17, 2006">
<!ENTITY version "SVN-20060120">
<!ENTITY releasedate "January 20, 2006">
<!ENTITY milestone "6.2">
<!ENTITY generic-version "development"> <!-- Use "development", "testing", or "x.y[-pre{x}]" -->

1
patches.ent
View File

@ -38,6 +38,7 @@
<!-- <!ENTITY ncurses-rollup-patch "ncurses-&ncurses-version;-&ncurses-date;-patch.sh.bz2"> -->
<!ENTITY perl-libc-patch "perl-&perl-version;-libc-1.patch">
<!ENTITY perl-sprintf-patch "perl-&perl-version;-sprintf_vulnerability-1.patch">
<!ENTITY shadow-configure-patch "shadow-&shadow-version;-configure_fix-1.patch">