MGASA-2016-0027

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2016-0027.html

Import Source

https://advisories.mageia.org/MGASA-2016-0027.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2016-0027

Related

CVE-2015-8607

Published

2016-01-20T17:53:26Z

Modified

2016-01-20T17:41:40Z

Summary

Updated perl and perl-PathTools packages fix security vulnerability

Details

It was reported that File::Spec::canonpath() routine returns untainted strings even if passed tainted input. This defect undermines the guarantee of taint propagation, which is sometimes used to ensure that unvalidated user input does not reach sensitive code (CVE-2015-8607).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:5 / perl

Package

Name: perl
Purl: pkg:rpm/mageia/perl?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.20.1-8.1.mga5

Ecosystem specific

{
    "section": "core"
}

Mageia:5 / perl-PathTools

Package

Name: perl-PathTools
Purl: pkg:rpm/mageia/perl-PathTools?distro=mageia-5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.470.0-7.1.mga5

Ecosystem specific

{
    "section": "core"
}