https://bugzilla.redhat.com/show_bug.cgi?id=1591205
Bug ID: 1591205 Summary: CVE-2018-12015 perl-Archive-Tar: perl: Directory traversal in Archive::Tar [fedora-all] Product: Fedora Version: 28 Component: perl-Archive-Tar Keywords: Security, SecurityTracking Severity: low Priority: low Assignee: jplesnik@redhat.com Reporter: cbuissar@redhat.com QA Contact: extras-qa@fedoraproject.org CC: alexl@redhat.com, caillon+fedoraproject@gmail.com, caolanm@redhat.com, john.j5live@gmail.com, jplesnik@redhat.com, kasal@ucw.cz, mbarnes@fastmail.com, perl-devel@lists.fedoraproject.org, rhughes@redhat.com, rstrode@redhat.com, sandmann@redhat.com, steve@silug.org
https://bugzilla.redhat.com/show_bug.cgi?id=1591205
--- Comment #1 from Cedric Buissart cbuissar@redhat.com --- Use the following template to for the 'fedpkg update' request to submit an update for this issue as it contains the top-level parent bug(s) as well as this tracking bug. This will ensure that all associated bugs get updated when new packages are pushed to stable.
=====
# bugfix, security, enhancement, newpackage (required) type=security
# testing, stable request=testing
# Bug numbers: 1234,9876 bugs=1588760,1591205
# Description of your update notes=Security fix for [PUT CVEs HERE]
# Enable request automation based on the stable/unstable karma thresholds autokarma=True stable_karma=3 unstable_karma=-3
# Automatically close bugs when this marked as stable close_bugs=True
# Suggest that users restart after update suggest_reboot=False
======
Additionally, you may opt to use the bodhi web interface to submit updates:
https://bodhi.fedoraproject.org/updates/new
https://bugzilla.redhat.com/show_bug.cgi?id=1591205
Cedric Buissart cbuissar@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Blocks| |1588760 (CVE-2018-12015)
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1588760 [Bug 1588760] CVE-2018-12015 perl: Directory traversal in Archive::Tar
https://bugzilla.redhat.com/show_bug.cgi?id=1591205
Petr Pisar ppisar@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED CC| |ppisar@redhat.com Resolution|--- |DUPLICATE Last Closed| |2018-06-14 06:09:49
--- Comment #2 from Petr Pisar ppisar@redhat.com ---
*** This bug has been marked as a duplicate of bug 1588761 ***
perl-devel@lists.fedoraproject.org