Safe.pm in ports/japanese/perl5 (perl 5.005_03 plus Japanese patch) has a security hole labelled as CAN-2002-1323. For more information, see the websites at: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1323 http://groups.google.com/groups?threadm=rt-17744-39131.3.96370682846239%40bugs6.perl.org [NOTE] ports/lang/perl5 (perl 5.6.1) and ports/lang/perl5.8 (perl 5.8.0) are not affected, since they have files/patch-Safe.pm in the ports. FreeBSD 4.x base system's perl is also affected, so I have sent another PR labelled as bin/57315. Fix: Apply ports/lang/perl5/patch-Safe.pm to ports/japanese/perl5. It applies to perl 5.005_03 with no problem. ports/lang/perl5.8/patch-Safe.pm does not apply to perl 5.005_03, since it is an upgrade from Safe.pm 2.07 to 2.09 while perl 5.005_03 has Safe.pm 2.06. How-To-Repeat: I tried the exploit code at Google Groups archive, but is not successful.
Responsible Changed From-To: freebsd-ports-bugs->shige Over to maintainer
State Changed From-To: open->closed Committed. Thanks!