The USN-3625-1: Perl vulnerabilities is fixed automatically and installed on SecureDrop production instances. It will trigger the following OSSEC alerts and is expected.
OSSEC HIDS Notification. 2018 Apr 17 04:24:16 Received From: mon->syscheck Rule: 551 fired (level 7) -> "Integrity checksum changed again (2nd time)." Portion of the log(s): Integrity checksum changed for: '/usr/bin/perlbug'
OSSEC HIDS Notification. 2018 Apr 17 04:24:23 Received From: mon->syscheck Rule: 551 fired (level 7) -> "Integrity checksum changed again (2nd time)." Portion of the log(s): Integrity checksum changed for: '/usr/bin/perlthanks'
OSSEC HIDS Notification. 2018 Apr 17 04:24:21 Received From: mon->syscheck Rule: 551 fired (level 7) -> "Integrity checksum changed again (2nd time)." Portion of the log(s): Integrity checksum changed for: '/usr/bin/perl'
OSSEC HIDS Notification. 2018 Apr 17 04:25:14 Received From: mon->syscheck Rule: 551 fired (level 7) -> "Integrity checksum changed again (2nd time)." Portion of the log(s): Integrity checksum changed for: '/usr/bin/perl5.18.2'
OSSEC HIDS Notification. 2018 Apr 17 04:24:45 Received From: mon->syscheck Rule: 551 fired (level 7) -> "Integrity checksum changed again (2nd time)." Portion of the log(s): Integrity checksum changed for: '/usr/bin/a2p'