* * * READ ME * * * * * * Perl 6.0 * * * * * * P-patch 1 * * * Patch Date: 2012-11-22 This document provides the following information: * PATCH NAME * PACKAGES AFFECTED BY THE PATCH * BASE PRODUCT VERSIONS FOR THE PATCH * OPERATING SYSTEMS SUPPORTED BY THE PATCH * INCIDENTS FIXED BY THE PATCH * INSTALLATION PRE-REQUISITES * INSTALLING THE PATCH * REMOVING THE PATCH PATCH NAME ---------- Perl 6.0 P-patch 1 PACKAGES AFFECTED BY THE PATCH ------------------------------ VRTSperl BASE PRODUCT VERSIONS FOR THE PATCH ----------------------------------- * Veritas Cluster Server 6.0 * Veritas Storage Foundation for Oracle RAC 6.0 * Veritas Storage Foundation Cluster File System 6.0 * Veritas Storage Foundation 6.0 * Veritas Storage Foundation High Availability 6.0 * Veritas Dynamic Multi-Pathing 6.0 * Symantec VirtualStore 6.0 * Veritas Storage Foundation for Sybase ASE CE 6.0 OPERATING SYSTEMS SUPPORTED BY THE PATCH ---------------------------------------- SLES10 x86-64 INCIDENTS FIXED BY THE PATCH ---------------------------- This patch fixes the following Symantec incidents: Patch ID: 5.12.2.9 * 3003856 (Tracking ID: 2967125) SYMPTOM: Perl Digest improper control of generation of code DESCRIPTION: Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor. RESOLUTION: Source change. INSTALLING THE PATCH -------------------- rpm -Uvh VRTSperl-5.12.2.9-SLES10.x86_64.rpm REMOVING THE PATCH ------------------ rpm -e VRTSperl SPECIAL INSTRUCTIONS -------------------- NONE OTHERS ------ NONE