dominic.dunlop.001 at student
Nov 29, 2006, 12:19 AM
Post #1 of 3
(160 views)
Permalink
|
|
Mac OS X Security Update 2006-007 -- perl printf format string issue
|
|
From <http://docs.info.apple.com/article.html?artnum=304829>:
> perl
>
> CVE-ID: CVE-2005-3962
>
> Available for: Mac OS X v10.3.9, Mac OS X Server v10.3.9, Mac OS X
> v10.4.8, Mac OS X Server v10.4.8
>
> Impact: Perl applications with unsafe string handling may be
> vulnerable to arbitrary code execution
>
> Description: An integer overflow exists in Perl's format string
> functionality. This integer overflow may lead to arbitrary code
> execution in Perl applications which use format strings unsafely.
> This update addresses the issue by performing additional validation
> of uses of format strings.
Does anybody know if this corresponds to a problem reported here,
and, if so, whether it's been fixed in the 5.8.x and/or 5.9.x tracks?
After applying the update, the Mac OS X' perl-5.8.6 says of itself
$ /usr/bin/perl -V
Summary of my perl5 (revision 5 version 8 subversion 6) configuration:
Platform:
osname=darwin, osvers=8.0, archname=darwin-thread-multi-2level
uname='darwin b20.apple.com 8.0 darwin kernel version 8.3.0: mon
oct 3 20:04:04 pdt 2005; root:xnu-792.6.22.obj~2release_ppc power
macintosh powerpc '
config_args='-ds -e -Dprefix=/usr -Dccflags=-g -pipe -
Dldflags=-Dman3ext=3pm -Duseithreads -Duseshrplib'
hint=recommended, useposix=true, d_sigaction=define
usethreads=define use5005threads=undef useithreads=define
usemultiplicity=define
useperlio=define d_sfio=undef uselargefiles=define usesocks=undef
use64bitint=undef use64bitall=undef uselongdouble=undef
usemymalloc=n, bincompat5005=undef
Compiler:
cc='cc', ccflags ='-g -pipe -fno-common -DPERL_DARWIN -no-cpp-
precomp -fno-strict-aliasing -I/usr/local/include',
optimize='-Os',
cppflags='-no-cpp-precomp -g -pipe -fno-common -DPERL_DARWIN -no-
cpp-precomp -fno-strict-aliasing -I/usr/local/include'
ccversion='', gccversion='3.3 20030304 (Apple Computer, Inc.
build 1819)', gccosandvers=''
intsize=4, longsize=4, ptrsize=4, doublesize=8, byteorder=4321
d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=8
ivtype='long', ivsize=4, nvtype='double', nvsize=8,
Off_t='off_t', lseeksize=8
alignbytes=8, prototype=define
Linker and Libraries:
ld='env MACOSX_DEPLOYMENT_TARGET=10.3 cc', ldflags ='-L/usr/
local/lib'
libpth=/usr/local/lib /usr/lib
libs=-ldbm -ldl -lm -lc
perllibs=-ldl -lm -lc
libc=/usr/lib/libc.dylib, so=dylib, useshrplib=true,
libperl=libperl.dylib
gnulibc_version=''
Dynamic Linking:
dlsrc=dl_dlopen.xs, dlext=bundle, d_dlsymun=undef, ccdlflags=' '
cccdlflags=' ', lddlflags='-bundle -undefined dynamic_lookup -L/
usr/local/lib'
Characteristics of this binary (from libperl):
Compile-time options: MULTIPLICITY USE_ITHREADS USE_LARGE_FILES
PERL_IMPLICIT_CONTEXT
Locally applied patches:
23953 - fix for File::Path::rmtree CAN-2004-0452 security issue
33990 - fix for setuid perl security issues
SPRINTF0 - fixes for sprintf formatting issues - CVE-2005-3962
Built under darwin
Compiled at Oct 14 2006 00:15:28
@INC:
/System/Library/Perl/5.8.6/darwin-thread-multi-2level
/System/Library/Perl/5.8.6
/Library/Perl/5.8.6/darwin-thread-multi-2level
/Library/Perl/5.8.6
/Library/Perl
/Network/Library/Perl/5.8.6/darwin-thread-multi-2level
/Network/Library/Perl/5.8.6
/Network/Library/Perl
/System/Library/Perl/Extras/5.8.6/darwin-thread-multi-2level
/System/Library/Perl/Extras/5.8.6
/Library/Perl/5.8.1/darwin-thread-multi-2level
/Library/Perl/5.8.1
.
Does any porter know what's in the "SPRINTF0" patch?
--
Dominic Dunlop MICS I
###########################################
This message has been scanned by F-Secure Anti-Virus for Microsoft Exchange.
For more information, connect to http://www.f-secure.com/
|
