HeartBleed vulnerability and ActivePerl

Posted by grahams on 2014-04-09 14:15
Question: 

Is my Community/Business/Enterprise Edition version of ActivePerl vulnerable to HeartBleed?

Answer: 

ActivePerl Community/Business Editions which, as shipped, are affected:
- 5.14.4.1405 - upgrade to 5.14.4.1406 (Business Edition only) or 5.16.3.1604 to fix
- 5.16.3.1603 - upgrade to 5.16.3.1604 to fix
- 5.18.1.1800 - upgrade to 5.18.2.1802 to fix
- 5.18.2.1801 - upgrade to 5.18.2.1802 to fix

Modules supplied through PPM are unaffected.
Modules compiled locally must be reviewed locally for vulnerability.

Enterprise Editions can be distinguished from Community/Business Editions by the presence of an additional fifth number before the six digit build number/version control number.
ActivePerl Enterprise Editions which, as shipped, are affected:
- 5.8.9.829.9 through 829.12
- 5.10.1.1009.9 through 1009.12
- 5.12.5.1206.2 through 1206.5
- 5.14.3.1404.2 through 1405.3
- 5.16.2.1602.2 through 1603.3

New Enterprise releases have been issued and can be located under the 2014Q1.1 folder.