openSUSE-SU-2018:2011-1

Опубликовано: 19 июл. 2018

Источник: suse-cvrf

Описание

Security update for perl

This update for perl fixes the following issues:

CVE-2018-12015: The Archive::Tar module allowed remote attackers to bypass a directory-traversal protection mechanism and overwrite arbitrary files (bsc#1096718)

This update was imported from the SUSE:SLE-15:Update update project.

Список пакетов

openSUSE Leap 15.0

perl-5.26.1-lp150.6.3.1

perl-32bit-5.26.1-lp150.6.3.1

perl-base-5.26.1-lp150.6.3.1

perl-base-32bit-5.26.1-lp150.6.3.1

perl-doc-5.26.1-lp150.6.3.1

Ссылки

http://lists.opensuse.org/opensuse-security-announce/2018-07/msg00024.html
E-Mail link for openSUSE-SU-2018:2011-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.

Затронутые продукты

openSUSE Leap 15.0:perl-32bit-5.26.1-lp150.6.3.1

openSUSE Leap 15.0:perl-5.26.1-lp150.6.3.1

openSUSE Leap 15.0:perl-base-32bit-5.26.1-lp150.6.3.1

openSUSE Leap 15.0:perl-base-5.26.1-lp150.6.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-12015.html
CVE-2018-12015
https://bugzilla.suse.com/1096718
SUSE Bug 1096718
https://bugzilla.suse.com/1099497
SUSE Bug 1099497
https://bugzilla.suse.com/1099507
SUSE Bug 1099507
https://bugzilla.suse.com/1106717
SUSE Bug 1106717

openSUSE-SU-2018:2011-1

Описание

Список пакетов

openSUSE Leap 15.0

Ссылки

Уязвимость: CVE-2018-12015

Описание

Затронутые продукты

Ссылки