TITLE: HP Tru64 UNIX - SSRT080001: HP Tru64 UNIX or Internet Express for Tru64 UNIX Running Perl 5.8.7 and Earlier, Remote Execution of Arbitrary Code

Copyright (c) Hewlett-Packard Company 2008. All rights reserved.

PRODUCT: HP Tru64 UNIX [R] V5.1B-4

SOURCE: Hewlett-Packard Company

ECO INFORMATION:

    ECO Name: PERL_V51BB27-ES-20080207
    ECO Kit Approximate Size: 37MB
    Kit Applies To: HP Tru64 UNIX V5.1B-4 PK4 (BL27)

ECO Kit CHECKSUMS:

    /usr/bin/sum results: 19125 35760
    /usr/bin/cksum results: 2473625568 36618240
    MD5 results: 721ba19a1d51a46fadde3869fb36c4c3
    SHA1 results: 70fef9c41fac74ba4bc3bf07ef9c07f075690901

ECO KIT SUMMARY:

A setld-based patch kit exists for HP for Tru64 UNIX 5.1B-3 that contains solutions to the following problem(s):

A potential security vulnerability has been identified in Perl 5.8.7 and earlier running on HP Tru64 UNIX and Internet Express (IX) for Tru64 UNIX. The vulnerability could be exploited remotely to execute unauthorized arbitrary code.

The patches in this kit will also be available in the next mainstream patch kit - HP Tru64 UNIX v 5.1B-5 and IX 6.8.

Special Installation Instructions

The kit is a tarball that, when extracted, creates the directory PERL-5.8.8. This directory contains the following files:

    perlsrc.tar (sources)
    perlrt.tar (binaries)
    perl_V51BB27-ES-20080207.readme

The perlsrc.tar contains the installable kit:

    FSFPERL543 (perl 5.8.8 sources)

The perlrt.tar contains the installable kits:

    BINPERL543 (perl 5.8.8 Runtime)
    OSFPERL543 (perl 5.8.8 Minimum Runtime)

For kit installation, please follow these instructions:

    #tar -xvf perl_V51BB27-ES-20080207.tar
    #cd PERL-5.8.8
    #ls
    perlrt.tar perlsrc.tar
    #tar -xvf perlrt.tar
    #ls
    BINPERL543 OSFPERL543 instctrl
    #setld -l .

SUPERSEDE INFORMATION: None

KNOWN PROBLEMS WITH THE PATCH KIT: None.
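Before the installation steps above are run as root, the downloaded kit can be checked against the values listed under ECO Kit CHECKSUMS. The script below is an added example, not part of the HP advisory; it assumes the kit file name used in the instructions and that md5sum/sha1sum or openssl is available on the host doing the check (the advisory does not name the digest tools).

```shell
#!/bin/sh
# Added example: verify the ECO kit before extracting it or running setld.
# Expected values are copied from the "ECO Kit CHECKSUMS" section above.
KIT=perl_V51BB27-ES-20080207.tar
WANT_CKSUM="2473625568 36618240"
WANT_MD5=721ba19a1d51a46fadde3869fb36c4c3
WANT_SHA1=70fef9c41fac74ba4bc3bf07ef9c07f075690901

# digest_of ALGO FILE: print the hex digest, or nothing if no tool is found.
# Assumption: md5sum/sha1sum or openssl exists on the verifying host.
digest_of() {
    if command -v "${1}sum" >/dev/null 2>&1; then
        "${1}sum" < "$2" | awk '{print $1}'
    elif command -v openssl >/dev/null 2>&1; then
        openssl dgst "-$1" < "$2" | awk '{print $NF}'
    fi
}

# verify_kit FILE CKSUM [MD5] [SHA1]
# Returns 0 only if every requested check matches, 1 on a mismatch,
# 2 if the file is missing, 3 if a requested digest could not be computed.
# The CRC from cksum only catches corruption; the digests are the real check.
verify_kit() {
    file=$1; want_cksum=$2; want_md5=$3; want_sha1=$4
    [ -f "$file" ] || { echo "missing: $file" >&2; return 2; }
    # Reading from stdin makes cksum print "CRC SIZE" with no file name.
    got=$(cksum < "$file" | awk '{print $1, $2}')
    [ "$got" = "$want_cksum" ] || { echo "cksum mismatch: $got" >&2; return 1; }
    for pair in "md5:$want_md5" "sha1:$want_sha1"; do
        algo=${pair%%:*}; want=${pair#*:}
        [ -n "$want" ] || continue
        got=$(digest_of "$algo" "$file")
        if [ -z "$got" ]; then
            echo "cannot verify $algo: no digest tool" >&2; return 3
        elif [ "$got" != "$want" ]; then
            echo "$algo mismatch: $got" >&2; return 1
        fi
    done
    return 0
}

# Run the check only when the kit is present in the current directory.
if [ -f "$KIT" ]; then
    verify_kit "$KIT" "$WANT_CKSUM" "$WANT_MD5" "$WANT_SHA1" \
        && echo "checksums match: $KIT"
fi
```

A non-zero return means the kit should not be extracted or passed to setld until a fresh copy verifies.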
Affected system files:

This patch delivers the following files:

    BINPERL543
    OSFPERL543
    ./instctrl/OSFPERL543.inv
    ./instctrl/OSFPERL543.ctrl
    ./instctrl/OSF543.comp
    ./instctrl/OSFPERL543.scp
    ./instctrl/BINPERL543.inv
    ./instctrl/BINPERL543.ctrl
    ./instctrl/BIN543.comp
    ./instctrl/BINPERL543.scp

[R] UNIX is a registered trademark in the United States and other countries licensed exclusively through X/Open Company Limited.

Copyright Hewlett-Packard Company 2008. All Rights reserved.