Описание
Security update for perl
This update for perl fixes the following issues:
- CVE-2018-12015: The Archive::Tar module allowed remote attackers to bypass a directory-traversal protection mechanism and overwrite arbitrary files (bsc#1096718).
Список пакетов
SUSE Linux Enterprise Point of Sale 11 SP3
perl-5.10.0-64.81.13.1
perl-Module-Build-0.2808.01-0.81.13.1
perl-Test-Simple-0.72-0.81.13.1
perl-base-5.10.0-64.81.13.1
perl-doc-5.10.0-64.81.13.1
SUSE Linux Enterprise Server 11 SP3-LTSS
perl-5.10.0-64.81.13.1
perl-32bit-5.10.0-64.81.13.1
perl-Module-Build-0.2808.01-0.81.13.1
perl-Test-Simple-0.72-0.81.13.1
perl-base-5.10.0-64.81.13.1
perl-doc-5.10.0-64.81.13.1
SUSE Linux Enterprise Server 11 SP3-TERADATA
perl-5.10.0-64.81.13.1
perl-32bit-5.10.0-64.81.13.1
perl-Module-Build-0.2808.01-0.81.13.1
perl-Test-Simple-0.72-0.81.13.1
perl-base-5.10.0-64.81.13.1
perl-doc-5.10.0-64.81.13.1
SUSE Linux Enterprise Server 11 SP4
perl-5.10.0-64.81.13.1
perl-32bit-5.10.0-64.81.13.1
perl-Module-Build-0.2808.01-0.81.13.1
perl-Test-Simple-0.72-0.81.13.1
perl-base-5.10.0-64.81.13.1
perl-doc-5.10.0-64.81.13.1
perl-x86-5.10.0-64.81.13.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
perl-5.10.0-64.81.13.1
perl-32bit-5.10.0-64.81.13.1
perl-Module-Build-0.2808.01-0.81.13.1
perl-Test-Simple-0.72-0.81.13.1
perl-base-5.10.0-64.81.13.1
perl-doc-5.10.0-64.81.13.1
perl-x86-5.10.0-64.81.13.1
SUSE Linux Enterprise Software Development Kit 11 SP4
perl-base-32bit-5.10.0-64.81.13.1
Ссылки
- Link for SUSE-SU-2018:1992-1
- E-Mail link for SUSE-SU-2018:1992-1
- SUSE Security Ratings
- SUSE Bug 1096718
- SUSE CVE CVE-2018-12015 page
Описание
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:perl-5.10.0-64.81.13.1
SUSE Linux Enterprise Point of Sale 11 SP3:perl-Module-Build-0.2808.01-0.81.13.1
SUSE Linux Enterprise Point of Sale 11 SP3:perl-Test-Simple-0.72-0.81.13.1
SUSE Linux Enterprise Point of Sale 11 SP3:perl-base-5.10.0-64.81.13.1
Ссылки
- CVE-2018-12015
- SUSE Bug 1096718
- SUSE Bug 1099497
- SUSE Bug 1099507
- SUSE Bug 1106717