README VERSION : 1.1 README CREATION DATE : 2012-12-27 PATCH-ID : 149768-01 PATCH NAME : VRTSperl 6.0P2 BASE PACKAGE NAME : VRTSperl BASE PACKAGE VERSION : 5.12.2.4 SUPERSEDED PATCHES : NONE REQUIRED PATCHES : 149777-02 INCOMPATIBLE PATCHES : NONE SUPPORTED PADV : sol9_sparc, sol10_sparc (P-PLATFORM , A-ARCHITECTURE , D-DISTRIBUTION , V-VERSION) PATCH CATEGORY : OTHER PATCH CRITICALITY : OPTIONAL HAS KERNEL COMPONENT : NO ID : 149768-01 REBOOT REQUIRED : NO REQUIRE APPLICATION DOWNTIME : NO PATCH INSTALLATION INSTRUCTIONS: -------------------------------- patchadd 149768-01 PATCH UNINSTALLATION INSTRUCTIONS: ---------------------------------- patchrm 149768-01 SPECIAL INSTRUCTIONS: --------------------- NONE SUMMARY OF FIXED ISSUES: ----------------------------------------- PATCH ID:149768-01 3037303 (3037297) Remove module DBD::Oracle and add Log::Log4Perl also fix CVE-2011-3597 Perl Digest improper control of generation of code SUMMARY OF KNOWN ISSUES: ----------------------------------------- KNOWN ISSUES : -------------- FIXED INCIDENTS: ---------------- PATCH ID:149768-01 * INCIDENT NO:3037303 TRACKING ID:3037297 SYMPTOM: Perl Digest improper control of generation of code DESCRIPTION: Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor. RESOLUTION: Source change. INCIDENTS FROM OLD PATCHES: --------------------------- NONE