Gentoo: 200212-6 Moderate: Local Exploit in Perl Safe Compartment
gentoo
December 20, 2002
A security hole has been discovered in Safe.pm
Summary
- -------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT 200212-6 - -------------------------------------------------------------------- DATE : 2002-12-20 14:12 UTC
- --------------------------------------------------------------------
Quote from
"A security hole has been discovered in Safe.pm. When a Safe compartment has already been used, there's no guarantee that it's safe any longer, because there's a way for code executed within the Safe compartment to alter its operation mask. (Thus, programs that use a Safe compartment only once aren't affected by this bug"
Mor information is available at [perl #17744] Security-Hole in module Safe.pm
SOLUTION
It is recommended that all Gentoo Linux users who are running sys-devel/perl-5.6.1-r9 or sys-devel/5.8.0-r5 and earlier update their systems as follows:
emerge rsync emerge perl emerge clean
ALTERNATIVE SOLUTION
If you don't want to or can't upgrade your perl package right away, y...Read the Full Advisory
Topics Covered
Resolution
References
Availability
style>.gentoo_availability{display:block;}
Concerns
PREVIOUS
NEXT
PACKAGE : perl
SUMMARY : broken safe compartment
EXPLOIT : local
Topics Covered
Background
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Affected Packages
Impact
Workaround
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!