Summary: CAN-2005-0448 perl File::Path.pm rmtree race condition
Product: Fedora Core
+++ This bug was initially created as a clone of Bug #157695 +++
Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4
allows local users to create arbitrary setuid binaries in the tree being
deleted, a different vulnerability than CAN-2004-0452.
Attachment 114350 contains the Ubuntu patch (it needs some cleaning up).
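The description above names the bug class but not the mechanism. The following is an added illustration written for this page, not File::Path code, and it does not reproduce the reported setuid outcome: it models a recursive delete that lstat()s a path and then acts on the same name, gives a stand-in attacker (the `hook` callback, a constructed stand-in for a local user winning the race) one chance to swap a subdirectory for a symlink in that window, and shows the chmod/listdir/unlink that follow being redirected outside the tree. The hardened variant opens each directory with O_NOFOLLOW, pins it by (st_dev, st_ino) to the object it lstat()ed, and then works only on that file descriptor and *at-style relative names, so there is no name left to race. Fixture paths (`victim-*`, `tree-*/sub`, `secret`) are constructed for the demo.

```python
"""Constructed model of the rmtree TOCTOU class. Illustration only: this is
not File::Path code and does not reproduce CAN-2005-0448's exact steps."""
import os
import shutil
import stat
import tempfile


def vulnerable_rmtree(path, hook=None):
    """Check-then-use by name. `hook` stands in for the attacker's race win."""
    st = os.lstat(path)
    if not stat.S_ISDIR(st.st_mode):
        os.unlink(path)
        return
    if hook:
        hook(path)                       # <- attacker's window
    os.chmod(path, 0o777)                # by name: follows a symlink planted above
    for name in os.listdir(path):        # so does this ...
        vulnerable_rmtree(os.path.join(path, name), hook)   # ... and these unlinks
    os.rmdir(path)


def safe_rmtree(path, hook=None):
    _rm_at(None, path, path, hook)


def _rm_at(dirfd, name, display, hook):
    """Remove `name` relative to `dirfd` (None = cwd/absolute) without ever
    following a symlink. `display` is the full path, handed to `hook` only."""
    st = os.lstat(name, dir_fd=dirfd)
    if not stat.S_ISDIR(st.st_mode):
        os.unlink(name, dir_fd=dirfd)    # unlink never follows symlinks
        return
    if hook:
        hook(display)                    # same window as in the vulnerable version
    # O_NOFOLLOW: a symlink planted in the window makes open() fail (ELOOP).
    fd = os.open(name, os.O_RDONLY | os.O_NOFOLLOW | os.O_DIRECTORY, dir_fd=dirfd)
    try:
        fst = os.fstat(fd)
        # A directory swapped for a *different* directory passes O_NOFOLLOW;
        # (dev, ino) pins us to the object we actually decided to delete.
        if (fst.st_dev, fst.st_ino) != (st.st_dev, st.st_ino):
            raise OSError("directory replaced between lstat and open: " + display)
        os.fchmod(fd, 0o700)             # act on the fd, not on the name
        for child in os.listdir(fd):
            _rm_at(fd, child, os.path.join(display, child), hook)
    finally:
        os.close(fd)
    os.rmdir(name, dir_fd=dirfd)         # rmdir does not follow symlinks either


def _layout(base, tag):
    """Constructed fixture: a victim directory outside the tree, and a tree with
    a subdirectory the attacker will replace by a symlink to the victim."""
    victim = os.path.join(base, "victim-" + tag)
    os.mkdir(victim, 0o700)
    with open(os.path.join(victim, "secret"), "w") as f:
        f.write("keep me\n")
    tree = os.path.join(base, "tree-" + tag)
    os.mkdir(tree)
    os.mkdir(os.path.join(tree, "sub"))
    with open(os.path.join(tree, "sub", "junk"), "w") as f:
        f.write("delete me\n")
    return victim, tree


def demo():
    """Run both deleters against the fixture; report what happened to the victim."""
    base = tempfile.mkdtemp()
    results = {}
    for tag, rmtree in (("vuln", vulnerable_rmtree), ("safe", safe_rmtree)):
        victim, tree = _layout(base, tag)

        def swap(p, victim=victim):
            # Attacker: when the deleter reaches tree/sub, move the real
            # directory aside and plant a symlink to the victim in its place.
            if os.path.basename(p) == "sub" and not os.path.islink(p):
                os.rename(p, p + ".moved")
                os.symlink(victim, p)

        try:
            rmtree(tree, swap)
        except OSError:
            pass                         # vuln: fails only after the damage; safe: refuses
        results[tag] = {
            "victim_mode": stat.S_IMODE(os.stat(victim).st_mode),
            "secret_survives": os.path.exists(os.path.join(victim, "secret")),
        }
    shutil.rmtree(base, ignore_errors=True)
    return results


if __name__ == "__main__":
    print(demo())
```

With the vulnerable deleter the victim directory ends up mode 0777 and `victim/secret` is gone; the hardened one fails at `os.open(..., O_NOFOLLOW)` on the planted symlink and leaves the victim at 0700 with its file intact. The hard part the comments below allude to is that the portable Perl of 2005 had no openat/unlinkat, so the same guarantee had to be built from chdir into each directory, comparing lstat and stat results, and working with relative names.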
-- Additional comment from wtogami(a)redhat.com on 2005-05-28 02:05 EST --
"Race condition in the rmtree function in File::Path.pm in Perl before 5.8.4
allows local users to create arbitrary setuid binaries"
5.8.4 means FC3 is unaffected because we have perl-5.8.5? Can someone confirm?
-- Additional comment from bressers(a)redhat.com on 2005-05-28 08:41 EST --
I just took a look at the latest perl source, this issue has not been fixed by
upstream. It's proving very hard to do right, which is probably why upstream
hasn't done it yet.
-- Additional comment from wtogami(a)redhat.com on 2005-05-31 06:40 EST --
Attachment to fix this security bug is from Ubuntu, but we require help cleaning
it up and testing before issuing a FC3 update. Apparently this is a difficult
problem to fix, and this is our second attempt doing so. =(
-- Additional comment from prockai(a)redhat.com on 2005-06-15 14:01 EST --
Created an attachment (id=115494)
Why not just use the debian patch? (attached)
-- Additional comment from prockai(a)redhat.com on 2005-06-16 04:22 EST --
Assigning to self.
-- Additional comment from prockai(a)redhat.com on 2005-06-16 08:15 EST --
Patched in CVS. Testing requested - if anyone has an exploit or something like
that, please try out. The testsuite passes exactly like before patching, but
regression testing is welcome as well.
-- Additional comment from prockai(a)redhat.com on 2005-07-28 09:07 EST --
Fixed in FC3 update perl-5.8.5-14.FC3