https://bugzilla.redhat.com/show_bug.cgi?id=1456771
Bug ID: 1456771
Summary: CVE-2017-0374 perl-Config-Model: Local privilege
escalation via crafted model
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: amaris(a)redhat.com
CC: david.hannequin(a)gmail.com,
perl-devel(a)lists.fedoraproject.org
lib/Config/Model.pm in Config-Model (aka libconfig-model-perl) before 2.102
allows local users to gain privileges via a crafted model in the current
working directory, related to use of . with the INC array.
Debian patch:
https://anonscm.debian.org/cgit/pkg-perl/packages/libconfig-model-perl.gi...
--
You are receiving this mail because:
You are on the CC list for the bug.