Summary: | <perl-core/File-Temp-0.230.0: insecure temporary file handling vulnerability (CVE-2011-4116) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | ||
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://rt.cpan.org/Public/Bug/Display.html?id=69106 | ||
Whiteboard: | B3 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2011-11-16 10:35:36 UTC
Stalled upstream. @maintainers: please apply the patch. This is fixed in virtual/perl-File-Temp-0.230.0-r1 perl-core/File-Temp-0.230.0 virtual/perl-File-Temp-0.230.400-r2 perl-core/File-Temp-0.230.400-r1 Note that we have to keep carrying the patches. Arches please stabilize: virtual/perl-File-Temp-0.230.0-r1 perl-core/File-Temp-0.230.0 dev-lang/perl-5.18.2-r2 Target: all stable arches [The only change in the dev-lang/perl ebuild is the addition of a PDEPEND to ensure that the perl-core package is installed.] amd64 stable x86 stable All three stable on alpha. Stable for HPPA. ppc stable ppc64 stable ia64 stable sparc stable all are stable now Old versions removed. Perl out. (In reply to SpanKY from comment #12) > all are stable now (In reply to Andreas K. Hüttel from comment #13) > Old versions removed. Perl out. Old version restored since arm stabilization was missing. arm please stabilize: virtual/perl-File-Temp-0.230.0-r1 perl-core/File-Temp-0.230.0 dev-lang/perl-5.18.2-r2 arm stable, all arches done. Old versions removed. Perl out. GLSA vote: no. GLSA vote: no, too. Closing noglsa. |