User: Password:
Subscribe / Log in / New account

perltidy: insecure temporary file creation

Package(s):perltidy CVE #(s):CVE-2014-2277
Created:March 24, 2014 Updated:April 1, 2014
Description: From the Red Hat bugzilla:

Jakub Wilk discovered that perltidy's make_temporary_filename() function insecurely created temporary files via the use of the tmpnam() function. A local attacker could use this flaw to perform a symbolic link attack.

Mageia MGASA-2014-0147 perltidy 2014-03-31
Fedora FEDORA-2014-3891 perltidy 2014-03-24
Fedora FEDORA-2014-3874 perltidy 2014-03-24

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds