in reply to New Perl Vulnerability?

There have been various threads on this issue over the past few days. This one probably contains the most meat and least flaming muck. Opinions are currently divided between this being the end of the world and it not being a big deal at all :-).

There is a bug in perl which can be used to compromise a machine if a script uses format strings incorrectly. This is a serious bug, and if you suspect a script of yours may be vulnerable you should check. Work is underway to fix this in perl itself; the Webmin script which exposed this hole has already been fixed (which does not help other vulnerable scripts, of course). Taint checking will not help with this, but common sense on the part of the programmer will.

Oh, and if your Java buddies give you a hard time over this, ask them to make a comparative list of the number of serious Java and Perl vulnerabilities over the last year. I suspect you won't hear back from them ;-).


Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it. -- Brian W. Kernighan
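
One way to run the check the post recommends, as an added example (not code from the original post, perl or Webmin): a heuristic scan that flags `printf`, `sprintf` and Sys::Syslog `syslog` calls whose format argument is a variable or an interpolating string rather than a constant. The function names and sample lines are constructed for illustration; the scan is line-based, so it also flags `printf $fh ...` with a lexical filehandle and misses calls split across lines.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Return true when the text starting at a format argument looks unsafe:
# a bare variable, or a double-quoted string with an unescaped $ or @.
sub risky_format {
    my ($arg) = @_;
    return 1 if $arg =~ /^[\$\@]/;
    return 1 if $arg =~ /^"(?:[^"\\\$\@]|\\.)*[\$\@][\w{]/;
    return 0;    # constant literal format
}

# Scan source lines; return [line_number, text] pairs that need review.
sub find_risky_formats {
    my (@lines) = @_;
    my (@hits, $n);
    for my $line (@lines) {
        $n++;
        next if $line =~ /^\s*#/;    # skip comment lines
        # printf/sprintf, with an optional bareword filehandle (printf STDERR ...)
        if ($line =~ /\bs?printf\b\s*\(?\s*(?:\{?\s*[A-Z_]+\s*\}?\s+)?(\S.*)/) {
            push @hits, [$n, $line] if risky_format($1);
        }
        # Sys::Syslog: syslog(PRIORITY, FORMAT, ...) - format is the 2nd argument
        elsif ($line =~ /\bsyslog\s*\(\s*[^,]+,\s*(\S.*)/) {
            push @hits, [$n, $line] if risky_format($1);
        }
    }
    return @hits;
}

# Constructed sample input, used when no files are named on the command line.
my @sample = (
    'printf("%s logged in\n", $user);',           # constant format: not flagged
    'printf($user);',                             # data used as the format
    'my $m = sprintf("Hello $name: %d", $n);',    # data interpolated into format
    'syslog("info", $message);',                  # data used as the format
    'syslog("info", "%s", $message);',            # constant format: not flagged
);

# With several files, line numbers are cumulative across the whole input.
my @input = @ARGV ? <> : @sample;
chomp @input;
printf("line %d: %s\n", $_->[0], $_->[1]) for find_risky_formats(@input);
```

Each flagged call is fixed by passing a constant format and moving the data into the argument list, as in `printf("%s", $user)`.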