oss-sec mailing list archives

CVE id request: perl

From: Steffen Joeris <steffen.joeris () skolelinux de>
Date: Sat, 21 Jun 2008 13:25:36 +0200

Hi

rmtree() when used with symlinks changes permissions of the link target to the
link, which allows symlinks attacks.

Upstream Bug:
http://rt.cpan.org/Public/Bug/Display.html?id=36982

Debian Bug (with proposed patch):
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487319


Could I please have a CVE id for this?

Cheers
Steffen

Attachment: signature.asc
Description: This is a digitally signed message part.

Current thread:

CVE id request: perl Steffen Joeris (Jun 21)
- Re: CVE id request: perl Steven M. Christey (Jun 23)