Security advisory: perl (CVE-2005-3962)
Thu Dec 29 09:14:00 GMT 2005
On Thu, Dec 29, 2005 at 09:55:16AM +0100, Gerrit P. Haase wrote:
> Corinna schrieb:
> > On Dec 9 13:51, Yaakov S (Cygwin Ports) wrote:
> >> Gerrit,
> >> Perl is vulnerable to format string programming errors, that could be
> >> exploited to execute arbitrary code.
> >> Patch:
> >> http://www.gentoo.org/cgi-bin/viewcvs.cgi/*checkout*/dev-lang/perl/files/perl-exp_intwrap.patch
> > Gerrit? Ping?
> Ah, yes. Will revisit this issue today.
The offical patch:
There were also a few subsequent patches to printf stuff, not directly
related to the above security advisory, and a fix to Sys::Syslog which
More information about the Cygwin-apps