drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Unsichere Verwendung temporärer Dateien in perltidy
| Name: |
Unsichere Verwendung temporärer Dateien in perltidy |
|
| ID: |
FEDORA-2014-3891 |
|
| Distribution: |
Fedora |
|
| Plattformen: |
Fedora 19 |
|
| Datum: |
Mo, 24. März 2014, 10:35 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2277 |
|
| Applikationen: |
perltidy |
|
Originalnachricht |
Name : perltidy
Product : Fedora 19
Version : 20130922
Release : 1.fc19
URL : http://perltidy.sourceforge.net/
Summary : Tool for indenting and reformatting Perl scripts
Description :
Perltidy is a Perl script which indents and reformats Perl scripts to
make them easier to read. If you write Perl scripts, or spend much
time reading them, you will probably find it useful. The formatting
can be controlled with command line parameters. The default parameter
settings approximately follow the suggestions in the Perl Style Guide.
Perltidy can also output HTML of both POD and source code. Besides
reformatting scripts, Perltidy can be a great help in tracking down
errors with missing or extra braces, parentheses, and square brackets
because it is very good at localizing errors.
-------------------------------------------------------------------------------
-
Update Information:
Update to 20130922, apply fix for CVE-2014-2277.
http://cpansearch.perl.org/src/SHANCOCK/Perl-Tidy-20130922/CHANGES
-------------------------------------------------------------------------------
-
ChangeLog:
* Wed Mar 12 2014 Ville Skyttä <ville.skytta@iki.fi> - 20130922-1
- Update to 20130922.
- Fix for CVE-2014-2277 from Debian (#1074721) + related man page fix.
- Fix bogus date in %changelog.
* Sun Aug 4 2013 Fedora Release Engineering
<rel-eng@lists.fedoraproject.org> - 20121207-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed Jul 17 2013 Petr Pisar <ppisar@redhat.com> - 20121207-3
- Perl 5.18 rebuild
-------------------------------------------------------------------------------
-
References:
[ 1 ] Bug #1074720 - CVE-2014-2277 perltidy: insecure temporary file creation
https://bugzilla.redhat.com/show_bug.cgi?id=1074720
-------------------------------------------------------------------------------
-
This update can be installed with the "yum" update program. Use
su -c 'yum update perltidy' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|
