Canonical published details about the Perl vulnerability in its Ubuntu 12.10, Ubuntu 12.04 LTS, and Ubuntu 10.04 LTS operating systems.
According to the company, Perl could have been made to run programs if it processed a specially crafted Locale::Maketext template.
It has been discovered that Perl's Locale::Maketext module incorrectly handled backslashes and fully qualified method names. An attacker could possibly use this flaw to execute arbitrary code when an application used untrusted templates.
For a more detailed description of the problems, you can see Canonical's security notification.
The flaws can be fixed if you upgrade your system(s) to the latest perl-modules package specific to each distribution. To apply the patch, run the Update Manager application.
In general, a standard system update will make all the necessary changes, and you won't need to restart the system.
0 comments:
Post a Comment