Explore top 10 tips to secure your open-source projects now. Read More
×
Description:
The updated package fixes a security vulnerability:
Config::IniFiles versions before 3.001000 for Perl allow OS command
injection and file overwrite via a 2-arg open() of the -file argument in
_make_filehandle. (CVE-2026-11527)
- https://bugs.mageia.org/show_bug.cgi?id=35701
- https://www.openwall.com/lists/oss-security/2026/06/14/5
- https://metacpan.org/release/SHLOMIF/Config-IniFiles-3.001000/changes
- https://ubuntu.com/security/notices/USN-8445-1
- https://lists.debian.org/debian-security-announce/2026/msg00265.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KNV5NUG6UF4JCFTI7P253PPUETZTA4HE/
- https://www.cve.org/CVERecord?id=CVE-2026-11527
- 10/core/perl-Config-IniFiles-3.0.3-3.1.mga10
- 9/core/perl-Config-IniFiles-3.0.3-2.1.mga9
Publication date:18 Jul 2026
Get the latest Linux and open source security news straight to your inbox.