Perl.com update -------------------------------------- The Email for www.perl.com Subscribers ==================================================================== Sponsored by Oracle9i Oracle Technology Network will bring you to the top of your game in applications development technology. Download the latest development programs and sample code. Membership -- and the latest development software -- is free. Jumpstart your development on Oracle9i. Register for a FREE CD sampler. Oracle Technology Network. All you need to know. http://www.oreillynet.com/nlr/perl/04/17/mid ==================================================================== Hello, world! This is Simon Cozens, www.perl.com managing editor, bringing you the latest goings on from the world of Perl and our own site. * Perl at large. Not much news this week, but what we've got is important, so please listen up! For users of SOAP::Lite: A security hole was found in this module which allows attackers to execute any Perl subroutine on the remote server. Yes, this is remote shell access. If you're using SOAP::Lite, I'd begin by taking down your server, and then taking a look at the SOAP-Lite mailing list. Randy Ray, author of RPC::XML, has said he's "pretty certain" that his module isn't vulnerable to this, and worries that Frontier::RPC may be. Here's the exploit from Phrack: http://www.phrack.com/show.php?p=58&a=9 http://use.perl.org/article.pl?sid=02/04/09/000212&mode=thread&tid=5&threshold=-1 http://lists.perl.org/showlist.cgi?name=SOAP-Lite * What's new on www.perl.com? This week, we continue our mod_perl series by Stas Bekman, with a piece on how to install Apache with mod_perl if we don't have root access on a given server. This is particularly useful for developers testing out mod_perl tools and modules, but proves to be interesting reading for all mod_perl users. http://www.perl.com/pub/a/2002/04/10/mod_perl.html Enjoy! SC ======================================================================= Award-Winning ColdFusion 5: High-Performance and Simplified Management Increase productivity, simplify management, and enhance application performance with Macromedia ColdFusion 5. Build content publishing systems and self-service apps fast. FREE TRIAL. FREE SEMINARS. http://www.oreillynet.com/nlr/macromedia/cf/1 ======================================================================= *** Featured Articles *** Installing mod_perl Without Superuser Privileges In his continuing series on mod_perl, Stas Bekman explains how to install a mod_perl-ized Apache on a server even if you don't have root privileges. http://www.perl.com/pub/a/2002/04/10/mod_perl.html *** Exegesis 4 What does the fourth Apocalypse really mean to you? A4 explained what control structures would look like in Perl 6; Damian Conway expands on those ideas and presents a complete view of the Perl 6 control-flow mechanism. http://perl.com/pub/a/2002/04/01/exegesis4.html *** Apocalypse 4: All About Blocks In his latest article explaining the design of Perl 6, Larry Wall tackles the syntax of the language. http://perl.com/pub/a/2002/01/15/apo4.html *** CPANPLUS For many years the CPAN.pm module has helped people install Perl modules. But it's also been clunky, fragile, and amazingly difficult to use programmatically. Jos Boumans introduces CPANPLUS, his project to change all that. http://www.perl.com/pub/a/2002/03/26/cpanplus.html *** mod_perl in 30 Minutes Stas Bekman shows us how to install and configure mod_perl, plus how to start accelerating CGI scripts with Apache::Registry. http://www.perl.com/pub/a/2002/03/22/modperl.html =============================================================== The 4th O'Reilly Open Source Convention, July 22-26, 2002 Sheraton San Diego Hotel and Marina >From the Frontier of Research, to the Heart of the Enterprise Celebrate the Success of Open Source Software! Keynotes Jim Kent, Ewan Birney, Larry Lessig, and, from the Free Software Movement, Richard Stallman: http://conferences.oreilly.com/oscon/ =============================================================== -- For information on unsubscribing from this list, please visit http://rochester.pm.org