Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 569
Alerts This Week
Warning Icon 1 569

Gentoo: 200212-6 Moderate: Local Exploit in Perl Safe Compartment

gentoo
Calendar Grey December 20, 2002
Scroller Gentoo
- -------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNC
A security hole has been discovered in Safe.pm

Summary


- --------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200212-6
- --------------------------------------------------------------------
DATE    : 2002-12-20 14:12 UTC

- --------------------------------------------------------------------
Quote from
"A security hole has been discovered in Safe.pm. When a Safe compartment has already been used, there's no guarantee that it's safe any longer, because there's a way for code executed within the Safe compartment to alter its operation mask. (Thus, programs that use a Safe compartment only once aren't affected by this bug"
Mor information is available at [perl #17744] Security-Hole in module Safe.pm
SOLUTION
It is recommended that all Gentoo Linux users who are running sys-devel/perl-5.6.1-r9 or sys-devel/5.8.0-r5 and earlier update their systems as follows:
emerge rsync emerge perl emerge clean
ALTERNATIVE SOLUTION
If you don't want to or can't upgrade your perl package right away, y...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

PACKAGE : perl
SUMMARY : broken safe compartment
EXPLOIT : local

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround