Univention Bugzilla – Bug 47292
perl: Multiple issues (4.3)
Last modified: 2018-07-04 14:54:06 CEST
New Debian perl 5.24.1-3+deb9u4 fixes: This update addresses the following issue(s): * This update addresses the following issue(s): * CVE_2011-4116 is open * In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. (CVE-2018-12015) 5.24.1-3+deb9u4 (Sun, 10 Jun 2018 18:37:28 +0100) * [SECURITY] CVE-2018-12015: fix directory traversal vulnerability in Archive-Tar * CVE-2018-12015 perl: Directory traversal in Archive::Tar (CVE-2018-12015)
[4.3-1] 8483dfbfd5 Bug #47292: perl 5.24.1-3+deb9u4 doc/errata/staging/perl.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+) <http://10.200.17.11/4.3-1/#5732944496847363055>
<http://jenkins.knut.univention.de:8080/job/UCS-4.3/job/UCS-4.3-1/job/ErrataValidation/233/console> OK: Jenkins <http://jenkins.knut.univention.de:8080/job/UCS-4.3/job/UCS-4.3-1/job/AutotestJoin/lastCompletedBuild/testReport/>
<http://errata.software-univention.de/ucs/4.3/136.html>