Red Hat Product Errata RHSA-2008:0522 - Security Advisory
Issued:
2008-06-11
Updated:
2008-06-11

RHSA-2008:0522 - Security Advisory

Synopsis

Important: perl security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated perl packages that fix a security issue are now available for Red
Hat Enterprise Linux 3, 4, and 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

Description

Perl is a high-level programming language commonly used for system
administration utilities and Web programming.

A flaw was found in Perl's regular expression engine. A specially crafted
regular expression with Unicode characters could trigger a buffer overflow,
causing Perl to crash, or possibly execute arbitrary code with the
privileges of the user running Perl. (CVE-2008-1927)

Users of perl are advised to upgrade to these updated packages, which
contain a backported patch to resolve this issue.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Affected Products

  • Red Hat Enterprise Linux Server 5 x86_64
  • Red Hat Enterprise Linux Server 5 ia64
  • Red Hat Enterprise Linux Server 5 i386
  • Red Hat Enterprise Linux Server 4 x86_64
  • Red Hat Enterprise Linux Server 4 ia64
  • Red Hat Enterprise Linux Server 4 i386
  • Red Hat Enterprise Linux Server 3 x86_64
  • Red Hat Enterprise Linux Server 3 ia64
  • Red Hat Enterprise Linux Server 3 i386
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.2 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.2 ia64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.2 i386
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.6 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.6 ia64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.6 i386
  • Red Hat Enterprise Linux Workstation 5 x86_64
  • Red Hat Enterprise Linux Workstation 5 i386
  • Red Hat Enterprise Linux Workstation 4 x86_64
  • Red Hat Enterprise Linux Workstation 4 ia64
  • Red Hat Enterprise Linux Workstation 4 i386
  • Red Hat Enterprise Linux Workstation 3 x86_64
  • Red Hat Enterprise Linux Workstation 3 ia64
  • Red Hat Enterprise Linux Workstation 3 i386
  • Red Hat Enterprise Linux Desktop 5 x86_64
  • Red Hat Enterprise Linux Desktop 5 i386
  • Red Hat Enterprise Linux Desktop 4 x86_64
  • Red Hat Enterprise Linux Desktop 4 i386
  • Red Hat Enterprise Linux Desktop 3 x86_64
  • Red Hat Enterprise Linux Desktop 3 i386
  • Red Hat Enterprise Linux for IBM z Systems 5 s390x
  • Red Hat Enterprise Linux for IBM z Systems 4 s390x
  • Red Hat Enterprise Linux for IBM z Systems 4 s390
  • Red Hat Enterprise Linux for IBM z Systems 3 s390x
  • Red Hat Enterprise Linux for IBM z Systems 3 s390
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 5.2 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.6 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.6 s390
  • Red Hat Enterprise Linux for Power, big endian 5 ppc
  • Red Hat Enterprise Linux for Power, big endian 4 ppc
  • Red Hat Enterprise Linux for Power, big endian 3 ppc
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 5.2 ppc
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.6 ppc
  • Red Hat Enterprise Linux Server from RHUI 5 x86_64
  • Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

  • BZ - 443928 - CVE-2008-1927 perl: heap corruption by regular expressions with utf8 characters

Red Hat Enterprise Linux Server 5

SRPM
perl-5.8.8-10.el5_2.3.src.rpm SHA-256: 7e560169b2b9b97339520956095df9b633d6345d5c2a51b4bc185a1569074bbe
x86_64
perl-5.8.8-10.el5_2.3.x86_64.rpm SHA-256: fe466fe4a382b0afc4d21864e00a0746aef08a16c5456f096978ad97bddfb518
perl-suidperl-5.8.8-10.el5_2.3.x86_64.rpm SHA-256: 062a3028ba9b7c13ead18e920e359a50ab704b88ba0966d91c780e7c0e3ed02f
ia64
perl-5.8.8-10.el5_2.3.ia64.rpm SHA-256: ce18d41c4f5a54833174836ad43e465cd1fd3e85e16a0c454d8b6d4a66e16ed9
perl-suidperl-5.8.8-10.el5_2.3.ia64.rpm SHA-256: 6c7ad82b4df590458bd1d470c083096418676000c650bd4961313edc78679907
i386
perl-5.8.8-10.el5_2.3.i386.rpm SHA-256: 66be0bb4591cc3ad097d9d074eb3ecac149baef819b483e79d6d26c502a5a17a
perl-suidperl-5.8.8-10.el5_2.3.i386.rpm SHA-256: 3ec9e0d1936f6dc731fd67a79da4524fd2197c221d8bb58bfb9faaaa256472c8

Red Hat Enterprise Linux Server 4

SRPM
perl-5.8.5-36.el4_6.3.src.rpm SHA-256: 9d836595fbebe2ca5cffc4bcb21d97f297779f9c4d8979e153d8fddaebc72314
x86_64
perl-5.8.5-36.el4_6.3.x86_64.rpm SHA-256: 2a9496759dfdb5b18c68120a1ed0e6586324241369d22995a3fcc75ed44b5164
perl-5.8.5-36.el4_6.3.x86_64.rpm SHA-256: 2a9496759dfdb5b18c68120a1ed0e6586324241369d22995a3fcc75ed44b5164
perl-suidperl-5.8.5-36.el4_6.3.x86_64.rpm SHA-256: 5c4a22dd38e44c9e9bc6a1def056680d77a8e0289d9f584fd0316315e5a08f2e
perl-suidperl-5.8.5-36.el4_6.3.x86_64.rpm SHA-256: 5c4a22dd38e44c9e9bc6a1def056680d77a8e0289d9f584fd0316315e5a08f2e
ia64
perl-5.8.5-36.el4_6.3.ia64.rpm SHA-256: b49da529946938fbe7fb0c61d98adbf1b2a1e057ff1f67a3081baf42a4924c41
perl-5.8.5-36.el4_6.3.ia64.rpm SHA-256: b49da529946938fbe7fb0c61d98adbf1b2a1e057ff1f67a3081baf42a4924c41
perl-suidperl-5.8.5-36.el4_6.3.ia64.rpm SHA-256: b81e6f7e1163cdf529219b343e2ead5ff7581baa8a28e871e8c1db5f0f6dbc8b
perl-suidperl-5.8.5-36.el4_6.3.ia64.rpm SHA-256: b81e6f7e1163cdf529219b343e2ead5ff7581baa8a28e871e8c1db5f0f6dbc8b
i386
perl-5.8.5-36.el4_6.3.i386.rpm SHA-256: 4352eb9c8c5ec626e42066671321a4c61494bff66919d233e66479824823da71
perl-5.8.5-36.el4_6.3.i386.rpm SHA-256: 4352eb9c8c5ec626e42066671321a4c61494bff66919d233e66479824823da71
perl-suidperl-5.8.5-36.el4_6.3.i386.rpm SHA-256: aa6c8edbb2fb1d47857c97162c4aea65d9f49dac604ce498d1b35292cfe26cd4
perl-suidperl-5.8.5-36.el4_6.3.i386.rpm SHA-256: aa6c8edbb2fb1d47857c97162c4aea65d9f49dac604ce498d1b35292cfe26cd4

Red Hat Enterprise Linux Server 3

SRPM
x86_64
ia64
i386

Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.2

SRPM
x86_64
ia64
i386

Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.6

SRPM
perl-5.8.5-36.el4_6.3.src.rpm SHA-256: 9d836595fbebe2ca5cffc4bcb21d97f297779f9c4d8979e153d8fddaebc72314
x86_64
perl-5.8.5-36.el4_6.3.x86_64.rpm SHA-256: 2a9496759dfdb5b18c68120a1ed0e6586324241369d22995a3fcc75ed44b5164
perl-5.8.5-36.el4_6.3.x86_64.rpm SHA-256: 2a9496759dfdb5b18c68120a1ed0e6586324241369d22995a3fcc75ed44b5164
perl-suidperl-5.8.5-36.el4_6.3.x86_64.rpm SHA-256: 5c4a22dd38e44c9e9bc6a1def056680d77a8e0289d9f584fd0316315e5a08f2e
perl-suidperl-5.8.5-36.el4_6.3.x86_64.rpm SHA-256: 5c4a22dd38e44c9e9bc6a1def056680d77a8e0289d9f584fd0316315e5a08f2e
ia64
perl-5.8.5-36.el4_6.3.ia64.rpm SHA-256: b49da529946938fbe7fb0c61d98adbf1b2a1e057ff1f67a3081baf42a4924c41
perl-5.8.5-36.el4_6.3.ia64.rpm SHA-256: b49da529946938fbe7fb0c61d98adbf1b2a1e057ff1f67a3081baf42a4924c41
perl-suidperl-5.8.5-36.el4_6.3.ia64.rpm SHA-256: b81e6f7e1163cdf529219b343e2ead5ff7581baa8a28e871e8c1db5f0f6dbc8b
perl-suidperl-5.8.5-36.el4_6.3.ia64.rpm SHA-256: b81e6f7e1163cdf529219b343e2ead5ff7581baa8a28e871e8c1db5f0f6dbc8b
i386
perl-5.8.5-36.el4_6.3.i386.rpm SHA-256: 4352eb9c8c5ec626e42066671321a4c61494bff66919d233e66479824823da71
perl-5.8.5-36.el4_6.3.i386.rpm SHA-256: 4352eb9c8c5ec626e42066671321a4c61494bff66919d233e66479824823da71
perl-suidperl-5.8.5-36.el4_6.3.i386.rpm SHA-256: aa6c8edbb2fb1d47857c97162c4aea65d9f49dac604ce498d1b35292cfe26cd4
perl-suidperl-5.8.5-36.el4_6.3.i386.rpm SHA-256: aa6c8edbb2fb1d47857c97162c4aea65d9f49dac604ce498d1b35292cfe26cd4

Red Hat Enterprise Linux Workstation 5

SRPM
perl-5.8.8-10.el5_2.3.src.rpm SHA-256: 7e560169b2b9b97339520956095df9b633d6345d5c2a51b4bc185a1569074bbe
x86_64
perl-5.8.8-10.el5_2.3.i386.rpm SHA-256: 66be0bb4591cc3ad097d9d074eb3ecac149baef819b483e79d6d26c502a5a17a
perl-5.8.8-10.el5_2.3.x86_64.rpm SHA-256: fe466fe4a382b0afc4d21864e00a0746aef08a16c5456f096978ad97bddfb518
perl-suidperl-5.8.8-10.el5_2.3.x86_64.rpm SHA-256: 062a3028ba9b7c13ead18e920e359a50ab704b88ba0966d91c780e7c0e3ed02f
i386
perl-5.8.8-10.el5_2.3.i386.rpm SHA-256: 66be0bb4591cc3ad097d9d074eb3ecac149baef819b483e79d6d26c502a5a17a
perl-suidperl-5.8.8-10.el5_2.3.i386.rpm SHA-256: 3ec9e0d1936f6dc731fd67a79da4524fd2197c221d8bb58bfb9faaaa256472c8

Red Hat Enterprise Linux Workstation 4

SRPM
perl-5.8.5-36.el4_6.3.src.rpm SHA-256: 9d836595fbebe2ca5cffc4bcb21d97f297779f9c4d8979e153d8fddaebc72314
x86_64
perl-5.8.5-36.el4_6.3.x86_64.rpm SHA-256: 2a9496759dfdb5b18c68120a1ed0e6586324241369d22995a3fcc75ed44b5164
perl-suidperl-5.8.5-36.el4_6.3.x86_64.rpm SHA-256: 5c4a22dd38e44c9e9bc6a1def056680d77a8e0289d9f584fd0316315e5a08f2e
ia64
perl-5.8.5-36.el4_6.3.ia64.rpm SHA-256: b49da529946938fbe7fb0c61d98adbf1b2a1e057ff1f67a3081baf42a4924c41
perl-suidperl-5.8.5-36.el4_6.3.ia64.rpm SHA-256: b81e6f7e1163cdf529219b343e2ead5ff7581baa8a28e871e8c1db5f0f6dbc8b
i386
perl-5.8.5-36.el4_6.3.i386.rpm SHA-256: 4352eb9c8c5ec626e42066671321a4c61494bff66919d233e66479824823da71
perl-suidperl-5.8.5-36.el4_6.3.i386.rpm SHA-256: aa6c8edbb2fb1d47857c97162c4aea65d9f49dac604ce498d1b35292cfe26cd4

Red Hat Enterprise Linux Workstation 3

SRPM
x86_64
ia64
i386

Red Hat Enterprise Linux Desktop 5

SRPM
perl-5.8.8-10.el5_2.3.src.rpm SHA-256: 7e560169b2b9b97339520956095df9b633d6345d5c2a51b4bc185a1569074bbe
x86_64
perl-5.8.8-10.el5_2.3.i386.rpm SHA-256: 66be0bb4591cc3ad097d9d074eb3ecac149baef819b483e79d6d26c502a5a17a
perl-5.8.8-10.el5_2.3.x86_64.rpm SHA-256: fe466fe4a382b0afc4d21864e00a0746aef08a16c5456f096978ad97bddfb518
perl-suidperl-5.8.8-10.el5_2.3.x86_64.rpm SHA-256: 062a3028ba9b7c13ead18e920e359a50ab704b88ba0966d91c780e7c0e3ed02f
i386
perl-5.8.8-10.el5_2.3.i386.rpm SHA-256: 66be0bb4591cc3ad097d9d074eb3ecac149baef819b483e79d6d26c502a5a17a
perl-suidperl-5.8.8-10.el5_2.3.i386.rpm SHA-256: 3ec9e0d1936f6dc731fd67a79da4524fd2197c221d8bb58bfb9faaaa256472c8

Red Hat Enterprise Linux Desktop 4

SRPM
perl-5.8.5-36.el4_6.3.src.rpm SHA-256: 9d836595fbebe2ca5cffc4bcb21d97f297779f9c4d8979e153d8fddaebc72314
x86_64
perl-5.8.5-36.el4_6.3.x86_64.rpm SHA-256: 2a9496759dfdb5b18c68120a1ed0e6586324241369d22995a3fcc75ed44b5164
perl-suidperl-5.8.5-36.el4_6.3.x86_64.rpm SHA-256: 5c4a22dd38e44c9e9bc6a1def056680d77a8e0289d9f584fd0316315e5a08f2e
i386
perl-5.8.5-36.el4_6.3.i386.rpm SHA-256: 4352eb9c8c5ec626e42066671321a4c61494bff66919d233e66479824823da71
perl-suidperl-5.8.5-36.el4_6.3.i386.rpm SHA-256: aa6c8edbb2fb1d47857c97162c4aea65d9f49dac604ce498d1b35292cfe26cd4

Red Hat Enterprise Linux Desktop 3

SRPM
x86_64
i386

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
perl-5.8.8-10.el5_2.3.src.rpm SHA-256: 7e560169b2b9b97339520956095df9b633d6345d5c2a51b4bc185a1569074bbe
s390x
perl-5.8.8-10.el5_2.3.s390x.rpm SHA-256: 970244b5d9580939c77ab33dc039cb544b655d8334e1ae9bf695074d447f41ec
perl-suidperl-5.8.8-10.el5_2.3.s390x.rpm SHA-256: 87b217055f27d00c5ba099728721fa19e79c82ac7b1af0456388be078826445e

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
perl-5.8.5-36.el4_6.3.src.rpm SHA-256: 9d836595fbebe2ca5cffc4bcb21d97f297779f9c4d8979e153d8fddaebc72314
s390x
perl-5.8.5-36.el4_6.3.s390x.rpm SHA-256: 8c0aebb48a66ac7881e700e3eb4d115a74d214dcab2511993e0f471ecc558160
perl-suidperl-5.8.5-36.el4_6.3.s390x.rpm SHA-256: ffe9a1cc2b7ade06c357dc11b29aba7a1a6537dc0de40e37cbdef4427a9806eb
s390
perl-5.8.5-36.el4_6.3.s390.rpm SHA-256: 07601d0bebfdc624370e9d52c7d3b7edab107290c8105bf1c4b95311b1ec5d58
perl-suidperl-5.8.5-36.el4_6.3.s390.rpm SHA-256: dd22ea7a45495cd669ab0d5bdcef066432aff6288ea39be522293ad9bb77d0b5

Red Hat Enterprise Linux for IBM z Systems 3

SRPM
s390x
s390

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 5.2

SRPM
s390x

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.6

SRPM
perl-5.8.5-36.el4_6.3.src.rpm SHA-256: 9d836595fbebe2ca5cffc4bcb21d97f297779f9c4d8979e153d8fddaebc72314
s390x
perl-5.8.5-36.el4_6.3.s390x.rpm SHA-256: 8c0aebb48a66ac7881e700e3eb4d115a74d214dcab2511993e0f471ecc558160
perl-suidperl-5.8.5-36.el4_6.3.s390x.rpm SHA-256: ffe9a1cc2b7ade06c357dc11b29aba7a1a6537dc0de40e37cbdef4427a9806eb
s390
perl-5.8.5-36.el4_6.3.s390.rpm SHA-256: 07601d0bebfdc624370e9d52c7d3b7edab107290c8105bf1c4b95311b1ec5d58
perl-suidperl-5.8.5-36.el4_6.3.s390.rpm SHA-256: dd22ea7a45495cd669ab0d5bdcef066432aff6288ea39be522293ad9bb77d0b5

Red Hat Enterprise Linux for Power, big endian 5

SRPM
perl-5.8.8-10.el5_2.3.src.rpm SHA-256: 7e560169b2b9b97339520956095df9b633d6345d5c2a51b4bc185a1569074bbe
ppc
perl-5.8.8-10.el5_2.3.ppc.rpm SHA-256: 83697451f79f1f4a714385916bfbaf0529411e7078ceb09ad08de0ae41482815
perl-suidperl-5.8.8-10.el5_2.3.ppc.rpm SHA-256: 90f14602edd181793eac940a6fff61f9ba49f291e6d0cb87981ce12fcecc6480

Red Hat Enterprise Linux for Power, big endian 4

SRPM
perl-5.8.5-36.el4_6.3.src.rpm SHA-256: 9d836595fbebe2ca5cffc4bcb21d97f297779f9c4d8979e153d8fddaebc72314
ppc
perl-5.8.5-36.el4_6.3.ppc.rpm SHA-256: ea65874a533de672f333a2ea9d07bc8cd4e41b1eaf19e256c81c37ffe6f95098
perl-suidperl-5.8.5-36.el4_6.3.ppc.rpm SHA-256: 28031e1a1d4656a3def1ad0f7596ab42b2caf4fba951e4ffbc1fa98e527705ed

Red Hat Enterprise Linux for Power, big endian 3

SRPM
ppc

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 5.2

SRPM
ppc

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.6

SRPM
perl-5.8.5-36.el4_6.3.src.rpm SHA-256: 9d836595fbebe2ca5cffc4bcb21d97f297779f9c4d8979e153d8fddaebc72314
ppc
perl-5.8.5-36.el4_6.3.ppc.rpm SHA-256: ea65874a533de672f333a2ea9d07bc8cd4e41b1eaf19e256c81c37ffe6f95098
perl-suidperl-5.8.5-36.el4_6.3.ppc.rpm SHA-256: 28031e1a1d4656a3def1ad0f7596ab42b2caf4fba951e4ffbc1fa98e527705ed

Red Hat Enterprise Linux Server from RHUI 5

SRPM
perl-5.8.8-10.el5_2.3.src.rpm SHA-256: 7e560169b2b9b97339520956095df9b633d6345d5c2a51b4bc185a1569074bbe
x86_64
perl-5.8.8-10.el5_2.3.x86_64.rpm SHA-256: fe466fe4a382b0afc4d21864e00a0746aef08a16c5456f096978ad97bddfb518
perl-suidperl-5.8.8-10.el5_2.3.x86_64.rpm SHA-256: 062a3028ba9b7c13ead18e920e359a50ab704b88ba0966d91c780e7c0e3ed02f
i386
perl-5.8.8-10.el5_2.3.i386.rpm SHA-256: 66be0bb4591cc3ad097d9d074eb3ecac149baef819b483e79d6d26c502a5a17a
perl-suidperl-5.8.8-10.el5_2.3.i386.rpm SHA-256: 3ec9e0d1936f6dc731fd67a79da4524fd2197c221d8bb58bfb9faaaa256472c8

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.