README VERSION : 1.1 README CREATION DATE : 2012-12-21 PATCH-ID : VRTSperl PATCH NAME : VRTSperl 5.14.2.8 BASE PACKAGE NAME : VRTSperl BASE PACKAGE VERSION : 5.14.2.5 SUPERSEDED PATCHES : NONE REQUIRED PATCHES : NONE INCOMPATIBLE PATCHES : NONE SUPPORTED PADV : sol11_x64 (P-PLATFORM , A-ARCHITECTURE , D-DISTRIBUTION , V-VERSION) PATCH CATEGORY : OTHER PATCH CRITICALITY : OPTIONAL HAS KERNEL COMPONENT : NO ID : NONE REBOOT REQUIRED : NO REQUIRE APPLICATION DOWNTIME : NO PATCH INSTALLATION INSTRUCTIONS: -------------------------------- pkg set-publisher -g Symantec pkg install --accept -g VRTSperl PATCH UNINSTALLATION INSTRUCTIONS: ---------------------------------- pkg uninstall VRTSperl SPECIAL INSTRUCTIONS: --------------------- NONE SUMMARY OF FIXED ISSUES: ----------------------------------------- PATCH ID:VRTSperl 3003856 (2967125) CVE-2011-3597 Perl Digest improper control of generation of code SUMMARY OF KNOWN ISSUES: ----------------------------------------- KNOWN ISSUES : -------------- FIXED INCIDENTS: ---------------- PATCH ID:VRTSperl * INCIDENT NO:3003856 TRACKING ID:2967125 SYMPTOM: Perl Digest improper control of generation of code DESCRIPTION: Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor. RESOLUTION: Source change. INCIDENTS FROM OLD PATCHES: --------------------------- NONE