Описание
Security update for perl-DBI
This update for perl-DBI fixes the following issues:
- CVE-2014-10401: Fixed incorrect permission on opening files via DBD::File drivers (bsc#1176492)
- CVE-2014-10402: Fixed incorrect permission on opening files via DBD::File drivers (bsc#1176492)
Список пакетов
SUSE Linux Enterprise Server 12 SP5
perl-DBI-1.628-5.9.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
perl-DBI-1.628-5.9.1
Ссылки
- Link for SUSE-SU-2024:3136-1
- E-Mail link for SUSE-SU-2024:3136-1
- SUSE Security Ratings
- SUSE Bug 1176492
- SUSE CVE CVE-2014-10401 page
- SUSE CVE CVE-2014-10402 page
Описание
An issue was discovered in the DBI module before 1.632 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:perl-DBI-1.628-5.9.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5:perl-DBI-1.628-5.9.1
Ссылки
- CVE-2014-10401
- SUSE Bug 1176492
Описание
An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute in the data source name (DSN). NOTE: this issue exists because of an incomplete fix for CVE-2014-10401.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:perl-DBI-1.628-5.9.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5:perl-DBI-1.628-5.9.1
Ссылки
- CVE-2014-10402
- SUSE Bug 1176492