Security update for perl
This update for Perl fixes the following issues:
- CVE-2016-6185: Xsloader looking at a "(eval)" directory. (bsc#988311)
- CVE-2016-1238: Searching current directory for optional modules. (bsc#987887)
- CVE-2015-8853: Regular expression engine hanging on bad utf8. (bsc)
- CVE-2016-2381: Environment dup handling bug. (bsc#967082)
- "Insecure dependency in require" error in taint mode. (bsc#984906)
- Memory leak in 'use utf8' handling. (bsc#928292)
- Missing lock prototype to the debugger. (bsc#932894)
This update was imported from the SUSE:SLE-12:Update update project.
-
Submitted by
Michael Schröder (mlschroe)
Fixed bugs
bnc#932894
Request for perl updates
bnc#928292
Perl has an UTF-8 related memory leak causing massive trouble for long-running tasks
bnc#988311
VUL-0: perl: CVE-2016-6185 perl: XSLoader loads relative paths not included in @INC
bnc#987887
VUL-0: CVE-2016-1238: perl: loading modules from current directory
bnc#967082
VUL-0: CVE-2016-2381: perl: environment handling bug
bnc#984906
perl: taint-mode error: "Insecure dependency in require"
