Mandriva Linux Security Advisory : perl (MDVSA-2011:091)
Medium Nessus Plugin ID 54577
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA vulnerability has been found and corrected in perl :
The (1) lc, (2) lcfirst, (3) uc, and (4) ucfirst functions in Perl 5.10.x, 5.11.x, and 5.12.x through 5.12.3, and 5.13.x through 5.13.11, do not apply the taint attribute to the return value upon processing tainted input, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string (CVE-2011-1487).
Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:
The updated packages have been patched to correct this issue.
SolutionUpdate the affected packages.