drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Überschreiben von Dateien in perl-Archive-Tar
Name: |
Überschreiben von Dateien in perl-Archive-Tar |
|
ID: |
FEDORA-2018-4e088b6d7c |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 28 |
|
Datum: |
Di, 19. Juni 2018, 09:25 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12015 |
|
Applikationen: |
perl-Archive-Tar |
|
Originalnachricht |
------------------------------------------------------------------------------- - Fedora Update Notification FEDORA-2018-4e088b6d7c 2018-06-18 16:16:37.138580 ------------------------------------------------------------------------------- -
Name : perl-Archive-Tar Product : Fedora 28 Version : 2.28 Release : 1.fc28 URL : https://metacpan.org/release/Archive-Tar Summary : A module for Perl manipulation of .tar files Description : Archive::Tar provides an object oriented mechanism for handling tar files. It provides class methods for quick and easy files handling while also allowing for the creation of tar file objects for custom manipulation. If you have the IO::Zlib module installed, Archive::Tar will also support compressed or gzipped tar files.
------------------------------------------------------------------------------- - Update Information:
This release fixes CVE-2018-12015 vulnerability (a directory traversal). It also fixes creating a file with a trailing white space on the file name. It also allows to archive absolute path names and it speeds up extracting large archives. ------------------------------------------------------------------------------- - ChangeLog:
* Fri Jun 8 2018 Petr Pisar <ppisar@redhat.com> - 2.28-1 - 2.28 bump - Fixes CVE-2018-12015 (directory traversal) (bug #1588761) ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1588760 - CVE-2018-12015 perl: Directory traversal in Archive::Tar https://bugzilla.redhat.com/show_bug.cgi?id=1588760 ------------------------------------------------------------------------------- -
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2018-4e088b6d7c' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BMHBMP53V6YZNF4A7B2HN6PD7NOFQHN6/
|
|
|
|