USN-5033-1: Perl vulnerability

09 August 2021

Perl could be made to run arbitrary programs.

Releases

Packages

  • perl - Practical Extraction and Report Language

Details

It was discovered that the Perl Encode library incorrectly handled paths. A
local attacker could possibly use this issue to trick the library into
executing arbitrary code from the current working directory.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 21.04

In general, a standard system update will make all the necessary changes.

References