3 Delete this begin/end block before publication.
5 Not every heading below is appropriate for every security issue, so
8 Look for FIXME to see what needs to be filled in.
16 FIXME - short description of the security issue, with an identifier of the issue as the manpage name
21 Ideally, FIXME here should be the CVE-ID as a link to cve.mitre.org
23 This document describes the
24 L<FIXME|http://cve.mitre.org/cgi-bin/cvename.cgi?name=FIXME>
25 security vulnerability for perl 5.
27 =head2 Are there any known exploits "in the wild" for this vulnerability
31 =head2 Who is particularly vulnerable because of this issue?
35 =head2 What is the nature of the vulnerability?
39 =head2 What potential exploits are enabled by this vulnerability?
43 =head2 Which major versions of perl 5 are affected?
45 FIXME with a list of versions that are affected, and which were updated.
47 =head2 How can users protect themselves?
49 FIXME or use the following:
51 If you are vulnerable, upgrade to the latest maintenance release for the
52 version of perl you are using.
54 If your release of perl is no longer supported by the perl 5 committers you
55 may need to upgrade to a new major release of perl. The versions currently
56 supported by the perl 5 committers are
57 FIXME 5.28.2 (until 2020-05-31)
59 FIXME 5.30.1 (until 2021-05-31).
60 The current version of perl is available from https://www.perl.org/get.html .
62 =head2 Who was given access to the information about the vulnerability?
64 FIXME or use the following:
66 Specifics about the vulnerability were first disclosed to
67 C<perl-security>, a closed subscriber mailing list that has a
68 subset of the perl committers subcribed to it.
70 =head2 When was the vulnerability discovered?
74 =head2 Who discovered the vulnerability?
78 =head2 How was the vulnerability reported?
80 FIXME: something like "So-and-so sent email to
81 perl-security@perl.org"
https://perl5.git.perl.org / perl5.git / blob