dave_aiello has asked for the wisdom of the Perl Monks concerning the following question:
I'm sure most of my fellow monks are aware of the Zlib "Double Free" Vulnerability. The maintainers of the library have stated that over 500 apps on many different platforms may be affected. These include several Perl modules (list is an excerpt of Zlib's list):
Chatham Township Data Corporation
- perl-Compress-Zlib
- perl-GD
- perl-Gtk-Perl
- perl-HTML-Embperl
- perl-Msql-Mysql-modules
- perl-Qt
Have any monks begun to think about a risk mitigation strategy? By this I mean
- how to track when vulnerable modules are updated and
- how to ensure that updated modules are pushed out to all the boxes where Perl code is deployed?
Chatham Township Data Corporation
|
---|
Replies are listed 'Best First'. | |
---|---|
Re: Perl Exposure to Zlib Vulnerability, Mitigation Strategy?
by Masem (Monsignor) on Mar 15, 2002 at 23:39 UTC | |
Re: Perl Exposure to Zlib Vulnerability, Mitigation Strategy?
by gellyfish (Monsignor) on Mar 16, 2002 at 08:32 UTC | |
Re: Perl Exposure to Zlib Vulnerability, Mitigation Strategy?
by webadept (Pilgrim) on Mar 16, 2002 at 10:08 UTC | |
by gellyfish (Monsignor) on Mar 16, 2002 at 16:04 UTC | |
by cjf (Parson) on Mar 17, 2002 at 20:45 UTC |
Back to
Seekers of Perl Wisdom