drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Unsichere Verwendung temporärer Dateien in perl
Name: |
Unsichere Verwendung temporärer Dateien in perl
|
|
ID: |
USN-16-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 4.10 |
|
Datum: |
Fr, 5. November 2004, 12:00 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0976 |
|
Applikationen: |
Perl |
|
Originalnachricht |
=========================================================== Ubuntu Security Notice USN-16-1 November 02, 2004 perl vulnerabilities CAN-2004-0976 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog)
The following packages are affected:
perl
The problem can be corrected by upgrading the affected package to version 5.8.4-2ubuntu0.1. In general, a standard system upgrade is sufficient to effect the necessary changes.
Details follow:
Recently, Trustix Secure Linux discovered some vulnerabilities in the perl package. The utility "instmodsh", the Perl package "PPPort.pm", and several test scripts (which are not shipped and only used during build) created temporary files in an insecure way, which could allow a symlink attack to create or overwrite arbitrary files with the privileges of the user invoking the program, or building the perl package, respectively.
Source archives:
perl_5.8.4-2ubuntu0.1.diff.gz Size/MD5: 56716 d5f93d4521ddc87d8f7c8dfbc82f9465 perl_5.8.4-2ubuntu0.1.dsc Size/MD5: 727 1dc005c45130d1dcca02c4e04d22c229 http://security.ubuntu.com/ubuntu/pool/main/p/perl/perl_5.8.4.orig.tar.gz Size/MD5: 12094233 912050a9cb6b0f415b76ba56052fb4cf
Architecture independent packages:
libcgi-fast-perl_5.8.4-2ubuntu0.1_all.deb Size/MD5: 36368 a6688d0b21164b829ed3999b10f367ed perl-doc_5.8.4-2ubuntu0.1_all.deb Size/MD5: 7049896 fd4003c656589b437e1fd5f6dafc0cbc perl-modules_5.8.4-2ubuntu0.1_all.deb Size/MD5: 2181512 188df1e3bfc11485da2140e09eab80cc
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
libperl-dev_5.8.4-2ubuntu0.1_amd64.deb Size/MD5: 605390 0b406c1ca29710f7de99c79211d86134 libperl5.8_5.8.4-2ubuntu0.1_amd64.deb Size/MD5: 1034 afc27d0c462c213ec205d7e1b2d373d1 perl-base_5.8.4-2ubuntu0.1_amd64.deb Size/MD5: 786632 0998222120d32561c94a25c83899fa2d perl-debug_5.8.4-2ubuntu0.1_amd64.deb Size/MD5: 3819870 a79d6c93cfc4b85ac0d977bc854acc3d perl-suid_5.8.4-2ubuntu0.1_amd64.deb Size/MD5: 32830 9cea4d9c974e36c43b12e7038e650bfa perl_5.8.4-2ubuntu0.1_amd64.deb Size/MD5: 3834282 b05319dac1909847d7ac11a354ce3d8b
i386 architecture (x86 compatible Intel/AMD)
libperl-dev_5.8.4-2ubuntu0.1_i386.deb Size/MD5: 546804 d0810bca6015bb925d0f84840a616dc5 libperl5.8_5.8.4-2ubuntu0.1_i386.deb Size/MD5: 494038 3b2c662dfbf227d6b91b6226afb549e7 perl-base_5.8.4-2ubuntu0.1_i386.deb Size/MD5: 726984 61c5b85db23b8b089dbe3da138a5192c perl-debug_5.8.4-2ubuntu0.1_i386.deb Size/MD5: 3630998 f99a50dcee317be15e59b1c96abcddd8 perl-suid_5.8.4-2ubuntu0.1_i386.deb Size/MD5: 30810 a078736398014ad88c0b1b14013f613c perl_5.8.4-2ubuntu0.1_i386.deb Size/MD5: 3229790 d4055641a1d862a6689ab558c2e2d703
powerpc architecture (Apple Macintosh G3/G4/G5)
libperl-dev_5.8.4-2ubuntu0.1_powerpc.deb Size/MD5: 560976 01c0f685545f71ef9d63b49a4d8e89e4 libperl5.8_5.8.4-2ubuntu0.1_powerpc.deb Size/MD5: 1032 4161c4a64ea0de87702cdad169900d32 perl-base_5.8.4-2ubuntu0.1_powerpc.deb Size/MD5: 717954 87444b8ecf1324ab901c22be42d3d659 perl-debug_5.8.4-2ubuntu0.1_powerpc.deb Size/MD5: 3817034 9622d49e221adbedb47ae5d7d3ce1257 perl-suid_5.8.4-2ubuntu0.1_powerpc.deb Size/MD5: 30562 3aa52c138a8838357defbe848c335a08 perl_5.8.4-2ubuntu0.1_powerpc.deb Size/MD5: 3477180 669dd12820648ff141a6974c8f0a2c65
|
|
|
|