[Bug 1591449] CVE-2018-10860 perl-Archive-Zip: Directory traversal in Archive::Zip

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

https://bugzilla.redhat.com/show_bug.cgi?id=1591449

Cedric Buissart <cbuissar@xxxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
              Group|security, qe_staff          |
                 CC|                            |alexl@xxxxxxxxxx,
                   |                            |caillon+fedoraproject@gmail
                   |                            |.com,
                   |                            |john.j5live@xxxxxxxxx,
                   |                            |jplesnik@xxxxxxxxxx,
                   |                            |kasal@xxxxxx,
                   |                            |mbarnes@xxxxxxxxxxxx,
                   |                            |perl-devel@lists.fedoraproj
                   |                            |ect.org,
                   |                            |perl-maint-list@xxxxxxxxxx,
                   |                            |rhughes@xxxxxxxxxx,
                   |                            |rstrode@xxxxxxxxxx,
                   |                            |sandmann@xxxxxxxxxx,
                   |                            |steve@xxxxxxxxx
            Summary|EMBARGOED CVE-2018-10860    |CVE-2018-10860
                   |perl-Archive-Zip: Directory |perl-Archive-Zip: Directory
                   |traversal in Archive::Zip   |traversal in Archive::Zip
         Whiteboard|impact=moderate,reported=20 |impact=moderate,public=2018
                   |180614,source=redhat,cvss3= |0628,reported=20180614,sour
                   |5.4/CVSS:3.0/AV:N/AC:L/PR:N |ce=redhat,cvss3=5.4/CVSS:3.
                   |/UI:R/S:U/C:N/I:L/A:L,cwe=C |0/AV:N/AC:L/PR:N/UI:R/S:U/C
                   |WE-22,rhel-5/perl-Archive-Z |:N/I:L/A:L,cwe=CWE-22,rhel-
                   |ip=wontfix,rhel-6/perl-Arch |5/perl-Archive-Zip=wontfix,
                   |ive-Zip=wontfix,rhel-7/perl |rhel-6/perl-Archive-Zip=won
                   |-Archive-Zip=affected,rhel- |tfix,rhel-7/perl-Archive-Zi
                   |8/perl-Archive-Zip=affected |p=affected,rhel-8/perl-Arch
                   |,fedora-all/perl-Archive-Zi |ive-Zip=affected,fedora-all
                   |p=affected,rhscl-3/rh-perl5 |/perl-Archive-Zip=affected,
                   |26-perl-Archive-Tar=affecte |rhscl-3/rh-perl526-perl-Arc
                   |d,rhscl-3/rh-perl524-perl-A |hive-Tar=affected,rhscl-3/r
                   |rchive-Tar=affected,rhscl-3 |h-perl524-perl-Archive-Tar=
                   |/rh-perl520-perl-Archive-Ta |affected,rhscl-3/rh-perl520
                   |r=wontfix                   |-perl-Archive-Tar=wontfix



-- 
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
perl-devel mailing list -- perl-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to perl-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/perl-devel@xxxxxxxxxxxxxxxxxxxxxxx/message/WXVBPSBHP4LZNG4C3OUUOEE5E4SEYAJL/
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Legacy Announce]     [Fedora PHP Devel]     [Kernel Devel]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite Information]

  Powered by Linux