Fedora 27: Critical Exploit Alert for perl Update 2017-7ae07e9f1f

Perl is a high-level programming language with roots in C, sed, awk and shell

scripting. Perl is good at handling processes and files, and is especially

good at handling text. Perl's hallmarks are practicality and efficiency.

While it is used to do a lot of different things, Perl's most common

applications are system administration utilities and web programming.

This is a metapackage with all the Perl bits and core modules that can be

found in the upstream tarball from perl.org.

If you need only a specific feature, you can install a specific package

instead. E.g. to handle Perl scripts with /usr/bin/perl interpreter,

install perl-interpreter package. See perl-interpreter description for more

details on the Perl decomposition into packages.

Update perl(:MODULE_COMPAT_*) ---- Security fix for CVE-2017-12837

CVE-2017-12883 (see )

[ 1 ] Bug #1492091 - CVE-2017-12837 perl: Heap buffer overflow in regular expression compiler

https://bugzilla.redhat.com/show_bug.cgi?id=1492091

[ 2 ] Bug #1492093 - CVE-2017-12883 perl: Buffer over-read in regular expression parser

https://bugzilla.redhat.com/show_bug.cgi?id=1492093

su -c 'dnf upgrade perl' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org