Created attachment 110480 [details] Text sent to vendor-sec
The following issues were reported regarding running setuid perl executables (I'm attaching the report as a text file as it is long): a buffer overflow caused by very long paths and a PERLIO_DEBUG file overwrite bug.
This issue should also affect RHEL2.1
Created attachment 110481 [details] Proposed patch. This patch needs peer review.
CAN-2005-0155 for the privilege escalation in debug mode; CAN-2005-0156 for the buffer overflow.
patch applied and built into dist-3.0E-errata-candidate
Removing embargo, public via ubuntu
This issue does not affect RHEL2.1
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2005-105.html