* * * READ ME * * * * * * Perl 5.1 SP1 * * * * * * P-patch 1 * * * Patch Date: 2012-11-23 This document provides the following information: * PATCH NAME * PACKAGES AFFECTED BY THE PATCH * BASE PRODUCT VERSIONS FOR THE PATCH * OPERATING SYSTEMS SUPPORTED BY THE PATCH * INCIDENTS FIXED BY THE PATCH * INSTALLATION PRE-REQUISITES * INSTALLING THE PATCH * REMOVING THE PATCH PATCH NAME ---------- Perl 5.1 SP1 P-patch 1 PACKAGES AFFECTED BY THE PATCH ------------------------------ VRTSperl BASE PRODUCT VERSIONS FOR THE PATCH ----------------------------------- * Veritas Cluster Server 5.1 SP1 * Veritas Storage Foundation for Oracle RAC 5.1 SP1 * Veritas Storage Foundation Cluster File System 5.1 SP1 * Veritas Storage Foundation 5.1 SP1 * Veritas Storage Foundation High Availability 5.1 SP1 * Veritas Dynamic Multi-Pathing 5.1 SP1 OPERATING SYSTEMS SUPPORTED BY THE PATCH ---------------------------------------- HP-UX 11i v3 (11.31) INCIDENTS FIXED BY THE PATCH ---------------------------- This patch fixes the following Symantec incidents: Patch ID: PVCO_03984 * 3003856 (Tracking ID: 2967125) SYMPTOM: Perl Digest improper control of generation of code DESCRIPTION: Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor. RESOLUTION: Source change. INSTALLING THE PATCH -------------------- To install the patch, enter the following command: # swinstall -s PVCO_03984 REMOVING THE PATCH ------------------ To remove the patch, enter the following command: # swremove PVCO_03984 SPECIAL INSTRUCTIONS -------------------- NONE OTHERS ------ NONE