Using Perl 5.8.8
Tom Hukins
tom at FreeBSD.org
Fri Jan 22 12:20:51 UTC 2010
On Thu, Jan 21, 2010 at 05:29:17PM +0000, Matthew Seaman wrote:
> portdowngrade is what you'ld have to use. However, perl-5.8.8 has known
> security vulnerabilities:
>
> http://www.vuxml.org/freebsd/4a99d61c-f23a-11dd-9f55-0030843d3802.html
It looks like VuXML might have got that wrong. The referenced CVE
describes Perl 5.8.4 as fixing this bug:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0448
Furthermore, 5.8.9's release notes mention no security fixes:
http://search.cpan.org/~nwclark/perl-5.8.9/pod/perl589delta.pod
While I can't think of any good reason to prefer 5.8.8 over 5.8.9, the
former has no known defects I would describe as "security
vulnerabilities".
Tom
More information about the freebsd-ports
mailing list