Stories
Slash Boxes
Comments

NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

use Perl

All the Perl that's Practical to Extract and Report

Paranoia More | Login | Reply

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

Without JavaScript enabled, you might want to use the classic discussion system instead. If you login, you can remember this preference.

Second-hand security (Score:1)

by pjf (2464)

If you look closely at the advisory, it states that it's original source is a Trustix [trustix.org] advisory. If you read the original it states that some of scripts contained in the Trustix packages handle temporary files in an insecure fashion, and this is the reason for the recommended upgrade. So the original wasn't a problem with Perl, but instead a problem with some particular scripts bundled with Perl (and ghostscript, glibc, groff, and many more).
Unfortunately, this is a clear case of security-advisory Chin
- Re:Second-hand security (Score:1)
  
  by offerk (4962) <reversethis-{li. ... ta} {eyak.reffo}> on 2004.11.14 15:53 (#36012) Journal
  
  The good news is that it is possible to go from the summary to the full advisory, and realise that the advice is intended only for those using the Trustix packages.
  
  The bad news is that *almost* no one will bother to do so... So Perl will get the blame, true or not :-(
  
  Reply to This
  
  Parent

Get More Comments

Stories, comments, journals, and other submissions on use Perl; are Copyright 1998-2006, their respective owners.