В BUGTRAQ было сообщение о том, что что есть возможность с помощью
suidperl (который при определенных обстоятельствах посылает
/bin/mail'ом письмо руту) получить права рута. Ну и , соответственно,
предлагают сделать upgrade.
Интересно, а не достаточно просто убрать sticky-bit у suidperl ?

Ниже полное описание проблемы из BUGTRAQ:

There is a vulnerability that exists when using setuidperl together
with the mailx program.
In some cases, setuidperl will warn root
that something has going on. The setuidperl program uses /bin/mail
to send the message, as root, with the environment preserved.
An undocumented feature of /bin/mail consists of it interpretting the
~! sequence even if it is not running on the terminal,
and the message also contains the script name, taken from argv[1].
With all of this combined, it is possible to execute a Command
using ~! passed in the script name to create a suid shell.
The instance of setuidperl sending such a message can only be
reached if you ty to fool perl into forcing the execution of one
file instead of another. This vulnerability may not be limited
to just the mailx program, which is why an
upgrade for perl is provided as opposed to an upgrade for mailx.