<?xml version="1.0" encoding="utf-8"?>
<glsa id="200501-38">
<title>Perl: rmtree and DBI tmpfile vulnerabilities</title>
<synopsis>
The Perl DBI library and File::Path::rmtree function are vulnerable to
symlink attacks.
</synopsis>
<product type="ebuild">Perl</product>
<announced>January 26, 2005</announced>
<revised>March 15, 2005: 03</revised>
<affected>
<package name="dev-perl/DBI" auto="yes" arch="*">
<unaffected range="rge">1.37-r1</unaffected>
<unaffected range="ge">1.38-r1</unaffected>
<vulnerable range="le">1.38</vulnerable>
</package>
<package name="dev-lang/perl" auto="yes" arch="*">
<unaffected range="ge">5.8.6-r4</unaffected>
<unaffected range="rge">5.8.5-r5</unaffected>
<unaffected range="rge">5.8.4-r4</unaffected>
<unaffected range="rge">5.8.2-r4</unaffected>
<vulnerable range="le">5.8.6-r3</vulnerable>
</package>
</affected>
<background>
<p>
Perl is a cross-platform programming language. The DBI is the standard
database interface module for Perl.
</p>
</background>
<description>
<p>
Javier Fernandez-Sanguino Pena discovered that the DBI library creates
temporary files in an insecure, predictable way (CAN-2005-0077). Paul
Szabo found that "File::Path::rmtree" is vulnerable to various race
conditions (CAN-2004-0452, CAN-2005-0448).
</p>
</description>
<impact type="normal">
<p>
A local attacker could create symbolic links in the temporary files
directory that point to a valid file somewhere on the filesystem. When
the DBI library or File::Path::rmtree is executed, this could be used
to overwrite or remove files with the rights of the user calling these
</p>
</impact>
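Added example in Perl, not code from the advisory, from DBI or from File::Path: the predictable temp-file pattern the advisory describes beside a hardened variant (random name, O_EXCL, O_NOFOLLOW, retry on collision), exercised in a private directory where a symlink carrying the predictable name has been planted beforehand. The directory, file names, contents and function names are constructed for the demonstration.

```perl
use strict;
use warnings;
use Fcntl qw(O_RDONLY O_WRONLY O_CREAT O_EXCL O_NOFOLLOW);
use File::Temp qw(tempdir);

# Insecure: predictable name (pid only); open '>' follows a planted symlink and writes to its target.
sub write_tmp_insecure {
    my ($dir, $data) = @_;
    my $path = "$dir/dbi$$.tmp";    # constructed: directory plus pid, guessable by a local user
    open(my $fh, '>', $path) or die "open $path: $!";
    print $fh $data;
    close $fh;
    return $path;
}

# Hardened: random name; O_EXCL fails if anything (a symlink included) already exists at the
# path and O_NOFOLLOW refuses to traverse one, so a collision picks a fresh name instead.
sub write_tmp_hardened {
    my ($dir, $data) = @_;
    my @chars = ('a' .. 'z', 'A' .. 'Z', '0' .. '9');
    for (1 .. 100) {
        my $path = "$dir/dbi" . join('', map { $chars[rand @chars] } 1 .. 12) . '.tmp';
        if (sysopen(my $fh, $path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600)) {
            print $fh $data;
            close $fh;
            return $path;
        }
        die "sysopen $path: $!" unless $!{EEXIST};    # anything but a name collision is fatal
    }
    die "could not create a temporary file in $dir";
}

sub slurp {
    my ($path) = @_;
    sysopen(my $fh, $path, O_RDONLY) or die "read $path: $!";
    my $text = do { local $/; readline $fh };
    close $fh;
    return $text;
}

# Demonstration in a private, constructed directory: the symlink is planted first, as the
# advisory's local attacker would, then both writers run against the same directory.
my $dir    = tempdir(CLEANUP => 1);
my $victim = "$dir/victim.conf";
open(my $v, '>', $victim) or die "open: $!"; print $v "original\n"; close $v;
symlink($victim, "$dir/dbi$$.tmp") or die "symlink: $!";
my $safe = write_tmp_hardened($dir, "clobbered\n");
print "hardened: wrote $safe; victim reads ", slurp($victim);
write_tmp_insecure($dir, "clobbered\n");
print "insecure: victim reads ", slurp($victim);
```

The hardened writer lands on a fresh random name and the victim file is untouched, while the insecure writer follows the planted link and replaces the victim's contents; File::Temp's tempfile() applies the same O_EXCL and random-name discipline and is the usual drop-in replacement.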
<workaround>
<p>
There are no known workarounds at this time.
</p>
</workaround>
<resolution>
<p>
All Perl users should upgrade to the latest version:
</p>
<code>
# emerge --sync
# emerge --ask --oneshot --verbose dev-lang/perl</code>
<p>
All DBI library users should upgrade to the latest version:
</p>
<code>
# emerge --sync
# emerge --ask --oneshot --verbose dev-perl/DBI</code>
</resolution>
<references>
<uri link="">CAN-2004-0452</uri>
<uri link="">CAN-2005-0077</uri>
<uri link="">CAN-2005-0448</uri>
</references>
<metadata tag="submitter" timestamp="Wed, 26 Jan 2005 15:06:53 +0000"></metadata>
<metadata tag="bugReady" timestamp="Wed, 26 Jan 2005 20:14:36 +0000"></metadata>
</glsa>