MGASA-2014-0147

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2014-0147.html

Import Source

https://advisories.mageia.org/MGASA-2014-0147.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2014-0147

Related

CVE-2014-2277

Published

2014-03-31T21:16:49Z

Modified

2014-03-31T21:15:50Z

Summary

Updated perltidy package fixes security vulnerability

Details

perltidy's maketemporaryfilename() function insecurely created temporary files via the use of the tmpnam() function. A local attacker could use this flaw to perform a symbolic link attack (CVE-2014-2277).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:4 / perltidy

Package

Name: perltidy
Purl: pkg:rpm/mageia/perltidy?distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

20121207.0.0-3.1.mga4

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2014-0147.json"

Mageia:3 / perltidy

Package

Name: perltidy
Purl: pkg:rpm/mageia/perltidy?distro=mageia-3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

20121207.0.0-2.1.mga3

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2014-0147.json"