This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
Bug 104906 - perl-5.6.1-36.1.73 requires perl-suidperl - why now?
perl-5.6.1-36.1.73 requires perl-suidperl - why now?
Status: CLOSED CURRENTRELEASE
Product: Red Hat Linux
Classification: Retired
Component: perl (Show other bugs)
7.3
All Linux
medium Severity medium
: ---
: ---
Assigned To: Chip Turner
David Lawrence
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2003-09-23 10:10 EDT by Peter Bieringer
Modified: 2007-04-18 12:57 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-01-05 04:33:24 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Peter Bieringer 2003-09-23 10:10:40 EDT
Description of problem:
Newest perl package (RHSA-2003:256-01) requires perl-suidperl installed.
Why? 


Version-Release number of selected component (if applicable):
perl-5.6.1-36.1.73

How reproducible:
Always

Steps to Reproduce:
1. rpm -Fhv ... without preinstallation of perl-suidperl
2.
3.
    

Actual Results:  Requires perl-suidperl

Expected Results:  Not requires perl-suidperl like older version does (e.g.
perl-5.6.1-34.99.6)

Additional info:

To lower down the number of suid-root programs on a system is always good for
security.

# rpm -ql -v perl-suidperl
-rws--x--x    1 root    root           808526 Aug 18 22:12 /usr/bin/sperl5.6.1
-rws--x--x    1 root    root           808526 Aug 18 22:12 /usr/bin/suidperl
Comment 1 Peter Bieringer 2003-09-23 10:18:05 EDT
And also not so funny: on RHL 7.2 a clean update isn't possible, because no
perl-suidperl package exists:

# rpm -Fhv updates/7.2/en/os/i386/perl-*
error: failed dependencies:
        perl-suidperl is needed by perl-5.6.1-36.1.72

# rpm -ihv updates/7.2/en/os/i386/perl-suidperl-5.6.1-36.1.72.i386.rpm
Preparing...                ########################################### [100%]
file /usr/bin/sperl5.6.1 from install of perl-suidperl-5.6.1-36.1.72 conflicts
with file from package perl-5.6.1-26.72.3
file /usr/bin/suidperl from install of perl-suidperl-5.6.1-36.1.72 conflicts
with file from package perl-5.6.1-26.72.3


Hmm, how to combine -ihv and -Fhv in one step...have to use --nodeps for now I
think.
Comment 2 Peter Bieringer 2003-09-23 10:28:33 EDT
Next info: on RHL 9, no such requirement exists (perl-5.8.0-88.3), also not on
RHL 8.0 (same perl-5.8.0-88.3)
Comment 3 Pavel Kankovsky 2003-09-25 05:30:42 EDT
Please note perl-suidperl is not the only odd dependency that has appeared in
the new version of perl package:

$ rpm -q --requires perl
perl-CPAN  
perl-CGI  
perl-DB_File  
perl-NDBM_File  
perl-suidperl  
...

Neither of them was there before and neither of them makes much sense imho.

Note You need to log in before you can comment on or make changes to this bug.