Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Linux :: Apps N-Z :: sb5872.htm

perl broken safe compartment
13th Dec 2002 [SBWID-5872]

	perl broken safe compartment


	perl, perl-5.004, perl-5.005


	In Debian Security advisory [DSA 208-1] [] :
	A security hole has been discovered in  which  is  used  in  all
	versions of Perl. The Safe  extension  module  allows  the  creation  of
	compartments in which perl code can be evaluated in a new namespace  and
	the code evaluated in the compartment cannot refer to variables  outside
	this namespace. However, when a Safe compartment has already been  used,
	there's no guarantee that it is Safe any longer, because there's  a  way
	for code to be  executed  within  the  Safe  compartment  to  alter  its
	operation mask. Thus, programs that use a  Safe  compartment  only  once
	aren't affected by this bug.


	Debian says :
	This problem has been fixed in version 5.6.1-8.2 for the current  stable
	distribution (woody), in version 5.004.05-6.2 and 5.005.03-7.2  for  the
	old stable  distribution  (potato)  and  in  version  5.8.0-14  for  the
	unstable distribution (sid).

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH