Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: March 27th, 2015
Linux Security Week: March 23rd, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Ubuntu: Perl vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Ubuntu It was discovered that Perl's regular expression library did not correctly handle certain UTF sequences. If a user or automated system were tricked into running a specially crafted regular expression, a remote attacker could crash the application or possibly execute arbitrary code with user privileges.
Ubuntu Security Notice USN-552-1          December 04, 2007
perl vulnerability

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS
Ubuntu 6.10
Ubuntu 7.04
Ubuntu 7.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 6.06 LTS:
  libperl5.8                      5.8.7-10ubuntu1.1

Ubuntu 6.10:
  libperl5.8                      5.8.8-6ubuntu0.1

Ubuntu 7.04:
  libperl5.8                      5.8.8-7ubuntu0.1

Ubuntu 7.10:
  libperl5.8                      5.8.8-7ubuntu3.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that Perl's regular expression library did not correctly
handle certain UTF sequences.  If a user or automated system were tricked
into running a specially crafted regular expression, a remote attacker
could crash the application or possibly execute arbitrary code with
user privileges.

Updated packages for Ubuntu 6.06 LTS:

  Source archives:
      Size/MD5:   165472 98da6197bbc7b042806866f19809a8b5
      Size/MD5:      737 a90e131231bab24114d318e852fbc451
      Size/MD5: 12512211 dacefa1fe3c5b6d7bbc334ad94826131

  Architecture independent packages:
      Size/MD5:  7207544 8a96f50ff5738a2fafd7beb74a02f435
      Size/MD5:  2325742 021c622fda16904921dfcf02a6aa96c4
      Size/MD5:    40008 bd31ddd280da57be85e00c7c19d1f457

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:   640850 9d0719b4779da8f93fedfb0eb654132b
      Size/MD5:     1012 9c697f9e42f949736cf725e9c2774371
      Size/MD5:   820628 080304d81ce38cc91246c8c2b7ee891f
      Size/MD5:    31478 dc27f9788ff01fd5097976ee75626e61
      Size/MD5:  3978354 6d79ae2514a3ec9f152d0de125531192
      Size/MD5:  2639400 2532bbf9f7ec861e7722d5cc1bef9836

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:   559856 9ca996d88c16acb2a19eb6f80e3a68f4
      Size/MD5:   505890 501159b17800e56a2824b06aca598460
      Size/MD5:   737866 d3ca5af34f45f36979e644cb5e94cbb9
      Size/MD5:    28974 c4eade3cf3be3b813bcbd7af7841b146
      Size/MD5:  3296740 7e67c35913fd8046a75434e401130497
      Size/MD5:  2404442 0138415fc08635142fb0985f30997655

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:   656338 6201cd747c040ba44701ed056c9760c0
      Size/MD5:     1014 fecb67e1721ab983e3fb1a69eb610672
      Size/MD5:   815514 2799cd895e4681ed7f194039368e1dae
      Size/MD5:    32042 808c4cdcc9db259a87224bbe75394c96
      Size/MD5:  3656072 73cdf23c1e5fbda52f4936bb6d52fc9a
      Size/MD5:  2594308 f6585376f877b9838bb62bd09002de49

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:   599300 d4011b7ac37b77c53901f676a623cd0f
      Size/MD5:     1008 caf72f034baf309d4a9269d45148325d
      Size/MD5:   790400 23a9e4c89ad2fe168ccc2391a89e463d
      Size/MD5:    30114 a53a3f41de69344ec741d46220e3ad7e
      Size/MD5:  3581290 7be78922d29146a99fb5a3f7dec3790e
      Size/MD5:  2485596 02c9351609686d699573508e64fa2db0

Updated packages for Ubuntu 6.10:

  Source archives:
      Size/MD5:    88034 e7b46f9bc884e567164e379ab26e9650
      Size/MD5:      749 910ebb281f9ea452ae0857c8314d1cfd
      Size/MD5: 12829188 b8c118d4360846829beb30b02a6b91a7

  Architecture independent packages:
      Size/MD5:  7352010 b99926050f3b94b3e48860f70f740aa3
      Size/MD5:  2309166 9d0fd2d1e39918d3dc0b1aab4c94fef1
      Size/MD5:    40398 22b82469393909ff8696fb66c5cd3a53

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:   633844 d731f8b5c5e72a8f901b8e5f1ff9c969
      Size/MD5:     1060 3f823954c678b8ec7cdbfa162769c5a2
      Size/MD5:   809976 4b9d37a405a280fecd1f66de779bb3ff
      Size/MD5:  2740032 0f8417f96f652753f1ba80248cf00b22
      Size/MD5:    33032 2f89afbc96c250918bc1ca19d91e1adb
      Size/MD5:  4047288 5732ea8ac056e8b84eae8aacff85e39f

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:   576166 39f1f4597d70b448edabcf55ae025d31
      Size/MD5:   521498 35f0badd87f6ea95677671a923c0bd9b
      Size/MD5:   751416 fec47b71b9705f139a119e758522650c
      Size/MD5:  2507638 631968cae57f3b647ee7a2cbf6c1c326
      Size/MD5:    31446 697584fbffbdb407f414688b5e65de2e
      Size/MD5:  3375590 d60160cc0c6f0f02d7001c2b5b6c0eda

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:   655630 54ed7f131777c37840a07d45449abbed
      Size/MD5:     1058 c7d4ed077dc5f47813cf9651832c4139
      Size/MD5:   811264 dbfa0db2d5addbef8999a7ca635f76c9
      Size/MD5:  2704838 d58cadf730c133612a2b715a6d1ba76b
      Size/MD5:    33034 cb872bf5e3e82f2fadd68531744fce74
      Size/MD5:  3734780 89ad67a21fad9c6ad706ef4528ab244b

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:   596308 ba0fd9953be95186e73fc0182e8bc638
      Size/MD5:     1058 249e2f0416e9dda9b89b200fc0307abf
      Size/MD5:   785358 57c0b81325a4178a03c5459f3764892c
      Size/MD5:  2580646 a6bc6816614b1498813f73c64f6fcee5
      Size/MD5:    31238 30dac6d5bc7e52ca86bf31b63d2b4bdc
      Size/MD5:  3675336 12fa93853d4b4aec097c5bf94280fdb5

Updated packages for Ubuntu 7.04:

  Source archives:
      Size/MD5:    93072 d7601147dea2f84164094cb5f465468f
      Size/MD5:      833 dc5eec23d30c9c2949d7f8db63853b1e
      Size/MD5: 12829188 b8c118d4360846829beb30b02a6b91a7

  Architecture independent packages:
      Size/MD5:  7352222 e55e069d2f8000557b7b5b2aa0a1adcb
      Size/MD5:  2309560 dd6bed420c639b12e8d87e1e1c17761f
      Size/MD5:    40926 c175bc89fb6e7ab0a09b42a256dffc92

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:   633990 6f659d15fd70053cadabb6eb4a62af97
      Size/MD5:     1054 9bce50cfb434976acdf5fde560b20488
      Size/MD5:   825078 097d8f4a1122478d3757e806ce87aa52
      Size/MD5:  2751476 6f3d9b0d94b648240948c67cda43f5ea
      Size/MD5:    33584 d9a3ef3ef1fe338c5d8d4b8becd90e54
      Size/MD5:  4053672 6d4e46bffe916b65f60ad22646ffe04f

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:   575736 4e8b9308d46c94245aa425d5d748310b
      Size/MD5:   533092 0e51d08b389b40e4de7ba387d1e84ec6
      Size/MD5:   764366 95193d01ace6a4e14a1def19b3f30545
      Size/MD5:  2519080 f2d8e651e6a675a98f86f65646ce39e1
      Size/MD5:    31944 8c6a5688d5f2aff2af6a3720f493a171
      Size/MD5:  3387948 69d6eaa7c204c6fe7f64b654cf152894

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:   655158 5353abcd2b8cc6984e62af1560c23553
      Size/MD5:     1058 f4de2f8f93bc1b1b2b254165c145ee3b
      Size/MD5:   854058 a17efcd900e80cee096b1ad7d01b0f46
      Size/MD5:  2721466 1412c01799559dd3d78e82c74a916996
      Size/MD5:    37020 96638207a58488a7be3b5736020fa9fe
      Size/MD5:  3769700 da74c33814b0565f4f073b00cecea400

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:   596338 0cd6d0e9704cd7ee3b3dd9e33f9d3396
      Size/MD5:     1058 84c48fa4edef5274c8d9d4c55fe3b52a
      Size/MD5:   798438 69eb63699dea95c17df557ccd44564ca
      Size/MD5:  2592862 98850ef36922fa444fd0502afba43bd7
      Size/MD5:    33070 d22c4f74172c4adba2697abf5c73c68e
      Size/MD5:  3682418 60c99f0e4ccc43f85c79938a96ee0455

Updated packages for Ubuntu 7.10:

  Source archives:
      Size/MD5:    93377 1e4ec9cfc65220001f38e66bc4f56f9e
      Size/MD5:      833 4f3fbac268e294b885eae342164b3689
      Size/MD5: 12829188 b8c118d4360846829beb30b02a6b91a7

  Architecture independent packages:
      Size/MD5:  7352108 e5eb23ee5b3aa0cdc9695a16d6806dce
      Size/MD5:  2309548 a3e19bb488e5abdd25bb6dbfcfc41f01
      Size/MD5:    41112 015a3cd3f858159ca6e8f59d9f24a4ea

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:   636102 f074f93f1d6f20b5b4fd3a87681fcc6d
      Size/MD5:     1058 a08f769b54183fa2e1ad5209df65b4fa
      Size/MD5:   826274 dded240edee784d66b32d15a42e21420
      Size/MD5:  2758908 030cca99de6221176f6f1b30b2730761
      Size/MD5:    33638 0fb9c0f1f5a4ec9be1a8fa5b153f3a31
      Size/MD5:  4054576 ed997ee6c2d500d6edc6cbc0044ce6be

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:   576402 9a43f0153732f1c9da78dd888a679e08
      Size/MD5:   533380 1bb3c67a2d586ef3eaefb41be94ab729
      Size/MD5:   765194 3e7418191776393366a27650158850f8
      Size/MD5:  2522478 f8720540f22cf8cf7f09b3456b327cae
      Size/MD5:    31910 f109f1280eb2d49cd1c1ce6a0ca1f0be
      Size/MD5:  3386812 7d0627fd447f7304f09cf1f97fd9a60d

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:   655908 8938912ff5b287ecf0cc03346c34bbb1
      Size/MD5:     1064 798ce70342c8d3604f23f5752866ea81
      Size/MD5:   854220 c486169333316db7439e1095b1cce637
      Size/MD5:  2724854 bdcd88d30efe2b485b35250c5c3ee797
      Size/MD5:    37026 a83324fe5b2179fd06f06bd68d349f25
      Size/MD5:  3768652 1a31197fa79647a63ea3ae553353a857

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:   596948 2d898e93ec93bec4f77d7d88601fab96
      Size/MD5:     1060 3d3ecf3c4b079230a7232667d86df061
      Size/MD5:   799330 db0cf8569787563788f4b4299f3a24c3
      Size/MD5:  2594250 4d26ef4c14fa16e0cd5b94a75596590d
      Size/MD5:    33122 264999f3199971dc1cf0aca911c3b1ea
      Size/MD5:  3684732 497152ef28c663d150b4d1d564a1b068

< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Tech Companies, Privacy Advocates Call for NSA Reform
Google warns of unauthorized TLS certificates trusted by almost all OSes
How Kevin Mitnick hacked the audience at CeBIT 2015
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.