Thu, 06 Dec 2007
Is Perl Being Maintained?
Another of the urgent works of the last month was rebuilding Perl and all of its modules for our production systems. The reason of it was that a security hole had been found in the Perl regular expression engine: CVE-2007-5116.
However, from looking at the
spec file from
the Fedora Perl package,
it seems that in the last year they have applied even some patches
labeled as "fixes from the upstream". So there is some development
in the 5.8 branch, but it is apparently not public enough, and the Perl
developers do not even acknowledge serious security problems in their