Описание
Security update for perl
This update for perl fixes the following issues:
This security issue was fixed:
- CVE-2018-12015: The Archive::Tar module allowed remote attackers to bypass a directory-traversal protection mechanism and overwrite arbitrary files (bsc#1096718)
This non-security issue was fixed:
- fix debugger crash in tab completion with Term::ReadLine::Gnu [bsc#1068565]
This update was imported from the SUSE:SLE-12:Update update project.
Список пакетов
openSUSE Leap 42.3
perl-5.18.2-15.2
perl-32bit-5.18.2-15.2
perl-base-5.18.2-15.2
perl-base-32bit-5.18.2-15.2
perl-doc-5.18.2-15.2
Ссылки
- E-Mail link for openSUSE-SU-2018:2010-1
- SUSE Security Ratings
Описание
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
Затронутые продукты
openSUSE Leap 42.3:perl-32bit-5.18.2-15.2
openSUSE Leap 42.3:perl-5.18.2-15.2
openSUSE Leap 42.3:perl-base-32bit-5.18.2-15.2
openSUSE Leap 42.3:perl-base-5.18.2-15.2
Ссылки
- CVE-2018-12015
- SUSE Bug 1096718
- SUSE Bug 1099497
- SUSE Bug 1099507
- SUSE Bug 1106717