* * * READ ME * * * * * * Perl 6.0.1 * * * * * * Patch 6.0.1.100 * * * Patch Date: 2014-08-22 This document provides the following information: * PATCH NAME * OPERATING SYSTEMS SUPPORTED BY THE PATCH * PACKAGES AFFECTED BY THE PATCH * BASE PRODUCT VERSIONS FOR THE PATCH * SUMMARY OF INCIDENTS FIXED BY THE PATCH * DETAILS OF INCIDENTS FIXED BY THE PATCH * INSTALLATION PRE-REQUISITES * INSTALLING THE PATCH * REMOVING THE PATCH PATCH NAME ---------- Perl 6.0.1 Patch 6.0.1.100 OPERATING SYSTEMS SUPPORTED BY THE PATCH ---------------------------------------- RHEL5 x86-64 PACKAGES AFFECTED BY THE PATCH ------------------------------ VRTSperl BASE PRODUCT VERSIONS FOR THE PATCH ----------------------------------- * Symantec VirtualStore 6.0.1 * Veritas Cluster Server 6.0.1 * Veritas Dynamic Multi-Pathing 6.0.1 * Veritas Storage Foundation 6.0.1 * Veritas Storage Foundation Cluster File System HA 6.0.1 * Veritas Storage Foundation for Oracle RAC 6.0.1 * Veritas Storage Foundation HA 6.0.1 SUMMARY OF INCIDENTS FIXED BY THE PATCH --------------------------------------- Patch ID: 5.14.2.21 * 3533417 (3538401) The bundled OpenSSL version upgrading from 0.9.8g to 0.9.8zb according to heartbleed vulnerability. DETAILS OF INCIDENTS FIXED BY THE PATCH --------------------------------------- This patch fixes the following Symantec incidents: Patch ID: 5.14.2.21 * 3533417 (Tracking ID: 3538401) SYMPTOM: OPENSSL CVE-2013-0166 The old OpenSSL components are vulnerable to heartbleed. DESCRIPTION: The OpenSSL advisory is released public. OPENSSL CVE-2013-0166 that everyone has been asking about is a MiTM attack with a carefully crafted handshake due to weak keying material. RESOLUTION: Upgrading bundled OpenSSL from 0.9.8g to 0.9.8zb. INSTALLING THE PATCH -------------------- rpm -Uvh VRTSperl-5.14.2.21-RHEL5.x86_64.rpm REMOVING THE PATCH ------------------ rpm -e VRTSperl SPECIAL INSTRUCTIONS -------------------- NONE OTHERS ------ NONE