[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH 0/1] Perl: Fix CVE-2016-2381
From: |
Leo Famulari |
Subject: |
[PATCH 0/1] Perl: Fix CVE-2016-2381 |
Date: |
Wed, 2 Mar 2016 14:48:06 -0500 |
This grafts perl to fix CVE-2016-2381 [0], in which environment
variables declared more than once are handled ambiguously.
[0]
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2381
http://www.nntp.perl.org/group/perl.perl5.porters/2016/03/msg234747.html
https://security-tracker.debian.org/tracker/CVE-2016-2381
Leo Famulari (1):
gnu: perl: Replace with patched version [fixes CVE-2016-2381].
gnu-system.am | 1 +
gnu/packages/commencement.scm | 1 +
gnu/packages/patches/perl-CVE-2016-2381.patch | 116 ++++++++++++++++++++++++++
gnu/packages/perl.scm | 23 +++++
4 files changed, 141 insertions(+)
create mode 100644 gnu/packages/patches/perl-CVE-2016-2381.patch
--
2.7.1
- [PATCH 0/1] Perl: Fix CVE-2016-2381,
Leo Famulari <=