From owner-freebsd-perl@FreeBSD.ORG  Wed May 10 09:04:18 2006
Return-Path: <owner-freebsd-perl@FreeBSD.ORG>
X-Original-To: freebsd-perl@freebsd.org
Delivered-To: freebsd-perl@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id B587C16A401
	for <freebsd-perl@freebsd.org>; Wed, 10 May 2006 09:04:18 +0000 (UTC)
	(envelope-from dmitry@atlantis.dp.ua)
Received: from postman.atlantis.dp.ua (postman.atlantis.dp.ua [193.108.47.1])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 5604E43D48
	for <freebsd-perl@freebsd.org>; Wed, 10 May 2006 09:04:16 +0000 (GMT)
	(envelope-from dmitry@atlantis.dp.ua)
Received: from smtp.atlantis.dp.ua (smtp.atlantis.dp.ua [193.108.46.231])
	by postman.atlantis.dp.ua (8.13.1/8.13.1) with ESMTP id k4A94DbC087784
	for <freebsd-perl@freebsd.org>; Wed, 10 May 2006 12:04:13 +0300 (EEST)
	(envelope-from dmitry@atlantis.dp.ua)
Date: Wed, 10 May 2006 12:04:13 +0300 (EEST)
From: Dmitry Pryanishnikov <dmitry@atlantis.dp.ua>
To: freebsd-perl@freebsd.org
Message-ID: <20060510115254.M50002@atlantis.atlantis.dp.ua>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Subject: RELENG_4 and p5-DBI-1.37
X-BeenThere: freebsd-perl@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: maintainer of a number of perl-related ports
	<freebsd-perl.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-perl>,
	<mailto:freebsd-perl-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-perl>
List-Post: <mailto:freebsd-perl@freebsd.org>
List-Help: <mailto:freebsd-perl-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-perl>,
	<mailto:freebsd-perl-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 10 May 2006 09:04:18 -0000


Hello!

  Is there any plan to fix the following vulnerability:

Affected package: p5-DBI-1.37
Type of problem: p5-DBI -- insecure temporary file creation vulnerability.
Reference: 
<http://www.FreeBSD.org/ports/portaudit/8cfb6f42-d2b0-11da-a672-000e0
c2e438a.html>

which affects port databases/p5-DBI-137? If no, it means that one should
upgrade to modern Perl (install lang/perl5*) _every_ RELENG_4 system which 
needs p5-DBI. It could be somewhat painful, couldn't it?

Sincerely, Dmitry
-- 
Atlantis ISP, System Administrator
e-mail:  dmitry@atlantis.dp.ua
nic-hdl: LYNX-RIPE