Updated perl and perl-PathTools packages fix security vulnerability
Publication date: 20 Jan 2016Type: security
Affected Mageia releases : 5
CVE: CVE-2015-8607
Description
It was reported that File::Spec::canonpath() routine returns untainted strings even if passed tainted input. This defect undermines the guarantee of taint propagation, which is sometimes used to ensure that unvalidated user input does not reach sensitive code (CVE-2015-8607).
References
SRPMS
5/core
- perl-5.20.1-8.1.mga5
- perl-PathTools-3.470.0-7.1.mga5