Sicherheit: Ausführen beliebiger Kommandos in perl-IO-Compress
Aktuelle Meldungen Distributionen
Name: Ausführen beliebiger Kommandos in perl-IO-Compress
ID: FEDORA-2016-0adfcb6751
Distribution: Fedora
Plattformen: Fedora 23
Datum: Fr, 19. August 2016, 07:18
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1238
Applikationen: perl-IO-Compress


Name        : perl-IO-Compress
Product : Fedora 23
Version : 2.068
Release : 348.fc23
URL : http://search.cpan.org/dist/IO-Compress/
Summary : Read and write compressed data
Description :
This distribution provides a Perl interface to allow reading and writing of
compressed data created with the zlib and bzip2 libraries.

IO-Compress supports reading and writing of bzip2, RFC 1950, RFC 1951,
RFC 1952 (i.e. gzip) and zip files/buffers.

The following modules used to be distributed separately, but are now
included with the IO-Compress distribution:
* Compress-Zlib
* IO-Compress-Zlib
* IO-Compress-Bzip2
* IO-Compress-Base

Update Information:

Avoid loading optional modules from default . (CVE-2016-1238)

This update can be installed with the "yum" update program. Use
su -c 'yum update perl-IO-Compress' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list
Pro-Linux @Facebook
Neue Nachrichten