
Patch to sprintf fixes buffer overflow

Andy Lester writes "Perl 5 Porters have released a fix to the sprintf function that was recently discovered to have a buffer overflow in very specific cases. All Perl users should consider updating immediately. Dyad Security recently released a security advisory explaining how in certain cases, a carefully crafted format string passed to sprintf can cause a buffer overflow. This buffer overflow can then be used by an attacker to execute code on the machine. This was discovered in the context of a design problem with the Webmin administration package that allowed a malicious user to pass unchecked data into sprintf. A related fix for Sys::Syslog has already been released."