upgrade xenial-perl to get important security fixes
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
perl (Ubuntu) |
Triaged
|
Medium
|
Unassigned |
Bug Description
xenial packages perl at version 5.22.1, as described here -- https:/
Please could you upgrade the package to reflect 5.22.4, to include critical bug fixes that have been fixed in the meantime? This is a binary-compatible upgrade that does not require the recompilation of perl modules contained in other ubuntu packages.
Debian has already prepared a 5.22.4 build so you should be able to simply copy that over. The main security issue of concern is this one -- https:/
I am also in touch with the debian perl people, and the core perl team, so I can answer additional questions or facilitate communication with either group as needed.
thank you!
CVE References
information type: | Private Security → Public Security |
tags: | added: xenial |
Hello and thanks for the bug report. We've previously triaged this issue in the Ubuntu CVE Tracker:
https:/ /people. canonical. com/~ubuntu- security/ cve/2016/ CVE-2016- 1238.html
Please watch that page for the latest information for this issue. Thanks again!