https://bugzilla.redhat.com/show_bug.cgi?id=1456771 Bug ID: 1456771 Summary: CVE-2017-0374 perl-Config-Model: Local privilege escalation via crafted model Product: Security Response Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team@xxxxxxxxxx Reporter: amaris@xxxxxxxxxx CC: david.hannequin@xxxxxxxxx, perl-devel@xxxxxxxxxxxxxxxxxxxxxxx lib/Config/Model.pm in Config-Model (aka libconfig-model-perl) before 2.102 allows local users to gain privileges via a crafted model in the current working directory, related to use of . with the INC array. Debian patch: https://anonscm.debian.org/cgit/pkg-perl/packages/libconfig-model-perl.git/commit/?h=stretch&id=0de8471e5a8958ad37446dfcd0362a269e3ec573 -- You are receiving this mail because: You are on the CC list for the bug. _______________________________________________ perl-devel mailing list -- perl-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to perl-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
