Web Browser 로는 FTP 접속이 불가능 합니다.

문서번호 : 1135132464
업데이트 : 2005.12.21


상세내용

- fix to fix for CVE-2004-0976 / bz136325: perl5db.pl typo '/tmp' -> '"/tmp"'!
- Further enhancements to sprintf integer overflow patch
  (Upstream patches 26322 26331 and 26333 for CVE-2005-3962 / bz174717 )
- Fix CVE-2004-0976 / bz136325: fix issues with solardesigner's patch
  to perldbtty.pl and c2ph.PL, pointed out by Pekka Savola and David Eisenstein
- Apply upstream patches 26283 and 26284 : complete, revised fixes
  for bug 174683 / CVE-2005-3962 and CVE-2005-3912 and
  "Sys::Syslog security vulnerabilities" issues.
- Fix bug 136009 / MakeMaker LD_RUN_PATH issue:
  restore previous default Red Hat behavior of removing the MakeMaker
  generated LD_RUN_PATH setting from the link command .
  Document this removal, as it contravenes upstream default behavior, and
  provide a USE_MM_LD_RUN_PATH MakeMaker member to enable use of the
  MakeMaker generated LD_RUN_PATH .
- fix bug 174683 / CVE-2005-3962: sprintf integer overflow vulnerability
  backport upstream patch #26240
- fix bug 136009: restore MakeMaker support for LD_RUN_PATH,
  while removing empty LD_RUN_PATH
- fix CAN-2004-0976: insecure use of temporary files
- fix bug 164772: panic (crash) on invalid UTF-8 in Encode.xs
- fix bug 172327 / upstream bug 37056: backport upstream patch 25084:
  prevent realloc recursion on nss get* ERANGE errno
- fix bug 170088: broken h2ph fixed with h2ph from 5.8.7
- fix bug 171111 / upstream bug 37535: IOCPARM_LEN should be _IOC_SIZE
- fix bug 172236: make h2ph pick up gcc built-in include directory


Autoupdates 지원 : 지원

update 패키지

  RPMS :

    . perl-5.8.5-14.i686.rpm

  SRPMS :

    . perl-5.8.5-14.src.rpm

참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0976
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3962