[SECURITY] Fedora 22 Update: perl-5.20.3-329.fc22

updates at fedoraproject.org updates at fedoraproject.org
Sun Mar 13 09:57:38 UTC 2016 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2016-1fb63e3bf3
2016-03-13 09:04:20.340939
--------------------------------------------------------------------------------

Name        : perl
Product     : Fedora 22
Version     : 5.20.3
Release     : 329.fc22
URL         : http://www.perl.org/
Summary     : Practical Extraction and Report Language
Description :
Perl is a high-level programming language with roots in C, sed, awk and shell
scripting.  Perl is good at handling processes and files, and is especially
good at handling text.  Perl's hallmarks are practicality and efficiency.
While it is used to do a lot of different things, Perl's most common
applications are system administration utilities and web programming.  A large
proportion of the CGI scripts on the web are written in Perl.  You need the
perl package installed on your system so that your system can handle Perl
scripts.

Install this package if you want to program in Perl or enable your system to
handle Perl scripts.

--------------------------------------------------------------------------------
Update Information:

Fix manipulating environment variables to align with how glibc handles
duplicated environment variables. Perl now uses the first variable listed in the
environment array and it removes any subsequent entries of the same-named
variable from the array, so that child processes have only one variable instance
in its environment.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1309214 - CVE-2016-2381 perl: ambiguous environment variables handling
        https://bugzilla.redhat.com/show_bug.cgi?id=1309214
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update perl' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list