Advisories ยป MGASA-2014-0390

Updated perl-XML-DT package fix CVE-2014-5260

Publication date: 26 Sep 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-5260

Description

Updated perl-XML-DT package fixes security vulnerability:

The mkxmltype and mkdtskel scripts provided in perl-XML-DT allow local users
to overwrite arbitrary files via a symlink attack on a /tmp/_xml_#####
temporary file (CVE-2014-5260).
                

References

SRPMS

3/core

4/core