If you saw the news that the Perl Steering Committee just released, they recently identified and patched two new major vulnerabilities:
* CVE-2023-47038 - Write past buffer end via illegal user-defined Unicode property
* CVE-2023-47039 - Perl for Windows binary hijacking vulnerability
You're getting this email because you have expressed interest in or are using a version of Perl supported by ActiveState. The good news is we've already backported the newly released patches to Perl 5.22 and beyond!
Here's what to do next, if you are:
Using an ActiveState Community Edition Perl Installer and you are concerned about these CVEs, contact us
On an ActiveState Platform Free Tier Account and want to ensure you or your team are protected against these CVEs, contact us
On the ActiveState Platform Team Tier or Enterprise Tier, log into the platform and download the patched Perl versions for 5.32-5.38 for all supported OS (Windows, Mac, Linux)
On the ActiveState Platform Team Tier or Enterprise Tier, but do not have access to end-of-life version support for Perl, contact us
If you are unsure of your access level or have any questions or concerns, please feel free to reply and we will connect you with a technical member of our team.
You are receiving this email because you signed up for the latest insights from ActiveState. This is a monthly email that shares the more popular content we've shared recently. You can access the complete library here.
0 comments:
Post a Comment