From 11cbbb04522b834acbb8e353c7fcc4b006c56b3d Mon Sep 17 00:00:00 2001 From: Jeremy Huntwork Date: Fri, 20 Jan 2006 14:22:56 +0000 Subject: [PATCH] Added a patch to fix the sprintf security vulnerability in Perl. Thanks to Tim van der Molen for pointing it out. git-svn-id: http://svn.linuxfromscratch.org/LFS/trunk/BOOK@7284 4aa44e1e-78dd-0310-a6d2-fbcd4c07a689 --- chapter01/changelog.xml | 12 +++++++++++- chapter06/perl.xml | 5 +++++ general.ent | 4 ++-- patches.ent | 1 + 4 files changed, 19 insertions(+), 3 deletions(-) diff --git a/chapter01/changelog.xml b/chapter01/changelog.xml index 9854ad602..3c7f6bffd 100644 --- a/chapter01/changelog.xml +++ b/chapter01/changelog.xml @@ -35,6 +35,17 @@ --> + + + January 20, 2006 + + + [jhuntwork] - Added a patch to fix the sprintf security + vulnerability in Perl. Thanks to Tim van der Molen for pointing it out. + + + + January 17, 2006 @@ -45,7 +56,6 @@ - January 10, 2006 diff --git a/chapter06/perl.xml b/chapter06/perl.xml index 1ce3a7e05..33ec77102 100644 --- a/chapter06/perl.xml +++ b/chapter06/perl.xml @@ -28,6 +28,11 @@ Gawk, GCC, Glibc, Grep, Make, and Sed Installation of Perl +A security vulnerability exists in Perl's sprintf function. Apply the +following patch to fix it. + +patch -Np1 -i ../&perl-sprintf-patch; + First create a basic /etc/hosts file which will be referenced in one of Perl's configuration files as well as being used used by the testsuite if you run that. diff --git a/general.ent b/general.ent index 3b98acc74..977fa251f 100644 --- a/general.ent +++ b/general.ent @@ -1,6 +1,6 @@ - - + + diff --git a/patches.ent b/patches.ent index fff66b690..fe91241be 100644 --- a/patches.ent +++ b/patches.ent @@ -38,6 +38,7 @@ +