TITLE:  HP Tru64 UNIX - SSRT080001: HP Tru64 UNIX or 
Internet Express for Tru64 UNIX Running Perl 5.8.7 and Earlier, 
Remote Execution of Arbitrary Code

Copyright (c) Hewlett-Packard Company 2008.  All rights reserved.


PRODUCT:    HP Tru64 UNIX [R] V5.1B-3 
SOURCE:     Hewlett-Packard Company

ECO INFORMATION:

     ECO Name: PERL_V51BB26-ES-20080207
     ECO Kit Approximate Size:  37MB
     Kit Applies To:  HP Tru64 UNIX V5.1B-3 PK5 (BL26)

     ECO Kit CHECKSUMS:
	/usr/bin/sum results:  
	29785  35760

	/usr/bin/cksum results: 
	3168255174 36618240

	MD5 results:   
	e90737fe5e2a24dc06c1c721cfbcd475

	SHA1 results:
	5f1df03f97184ca6473259fdbf316f1470794020


ECO KIT SUMMARY:

A setld-based patch kit exists for HP for Tru64 UNIX 5.1B-3
that contains solutions to the following problem(s):

A potential security vulnerability has been identified in 
Perl 5.8.7 and earlier running on HP Tru64 UNIX and 
Internet Express (IX) for Tru64 UNIX. The vulnerability could 
be exploited remotely to execute unauthorized arbitrary code.


The patches in this kit will also be available in the next mainstream
patch kit - HP Tru64 UNIX v 5.1B-5 and IX 6.8.


Special Installation Instructions

The kit is a tar ball, that when extracted, creates the directory PERL-5.8.8. 
This directory contains the following files -
                  perlsrc.tar (sources)
                  perlrt.tar  (binaries)
		  perl_V51BB26-ES-20080207.readme

The perlsrc.tar contains the installable kit 
                        FSFPERL543 (perl 5.8.8 sources)
The perlrt.tar contains the installable kits
                        BINPERL543 (perl 5.8.8 Runtime)
                        OSFPERL543 (perl 5.8.8 Minimum Runtime)              

For kit installation, please follow these instructions:

#tar -xvf perl_V51BB26-ES-20080207.tar
#cd PERL-5.8.8
#ls 
perlrt.tar perlsrc.tar
#tar -xvf perlrt.tar
#ls
BINPERL543   OSFPERL543   instctrl
#setld -l .


SUPERSEDE INFORMATION:

  None


KNOWN PROBLEMS WITH THE PATCH KIT:

None.


Affected system files:

This patch delivers the following files:

BINPERL543
OSFPERL543
./instctrl/OSFPERL543.inv
./instctrl/OSFPERL543.ctrl
./instctrl/OSF543.comp
./instctrl/OSFPERL543.scp
./instctrl/BINPERL543.inv
./instctrl/BINPERL543.ctrl
./instctrl/BIN543.comp
./instctrl/BINPERL543.scp


[R] UNIX is a registered trademark in the United States and other countries 
licensed exclusively through X/Open Company Limited.

Copyright Hewlett-Packard Company 2008.  All Rights reserved.