SuSE Update For Update OpenSUSE-SU-2013:0497-1 (update) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Perl was updated to fix 3 security issues: - fix rehash denial of service (compute time) [bnc#804415] [CVE-2013-1667] - improve CGI crlf escaping [bnc#789994] [CVE-2012-5526] - sanitize input in Maketext.pm to avoid code injection [bnc#797060] [CVE-2012-6329] In openSUSE 12.1 also the following non-security bug was fixed: - fix IPC::Open3 bug when '-' is used [bnc#755278]

Affected

update on openSUSE 12.2, openSUSE 12.1

References

http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00037.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-5526, CVE-2012-6329, CVE-2013-1667

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

SLES10: Security update for OpenEXR
SLES10: Security update for Mozilla XULRunner
SLES10: Security update for mutt
SLES10: Security update for MozillaFirefox
SLES10: Security update for clamav

SuSE Update for update openSUSE-SU-2013:0497-1 (update)

Take action and discover your vulnerabilities