Ponie is the project name for Perl 5.12, a bridge between Perl 5 and Perl 6. Ponie will bring Perl 5 to Parrot, the virtual machine at the heart of Perl 6. A project of this size and complexity takes plenty of talent, and plenty of support, to complete. The first phase of the project has come to an end, and a new one is beginning. In July of 2003, ... read more |
The Perl community has released a fix to the sprintf function that was recently discovered to have a buffer overflow in very specific cases. All Perl users should consider updating immediately. Dyad Security recently released a security advisory explaining how in certain cases, a carefully crafted format string passed to sprintf can cause a buffer overflow. This buffer overflow can then be used by an attacker to execute code on ... read more |
If you have been wondering how you can help out, here is one way A quick introduction: If you don't know me, I am looking after many of the perl.org services with Robert Spier. When I started I helped look after the majordomo system it was running on then Soon after I moved the lists and the websites we hosted to a computer under my desk at "ValueClick":http://www.valueclick.com/ where I ... read more |
The Perl community has updated the core module Sys::Syslog to help alleviate a security hole in the Webmin web administration package. All Webmin users should update immediately to the updated version of Sys::Syslog. Dyad Security released a security advisory explaining how arbitrary, untrusted data can get passed by Webmin into Perl's Sys::Syslog module as a sprintf format string. This allows an attack to create arbitrarily large strings, overwhelming server resources ... read more |
Last week I attended the first annual Gartner Open Source Summit Gartner is a major IT market researcher and consultant, specifically for large businesses. The fact that this conference exists speaks volumes for the penetration of open source in all sorts of IT shops. OSS hung under the radar for quite a while because it doesn't show up in any of the traditional data that analysts use to measure market ... read more |