-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : perl Version : 5.14.2-21+deb7u5 CVE ID : CVE-2017-6512 Debian Bug : 863870
The cPanel Security Team reported a time of check to time of use (TOCTTOU) race condition flaw in File::Path, a core module from Perl to create or remove directory trees. An attacker can take advantage of this flaw to set the mode on an attacker-chosen file to an attacker-chosen value. For Debian 7 "Wheezy", these problems have been fixed in version 5.14.2-21+deb7u5. We recommend that you upgrade your perl packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAlk1oCQACgkQnUbEiOQ2 gwJOdxAAo31oFsKJMeADD4VS1YOjg4B4dXAVIHTQIVlCv0Fd+KAmv1p/aUTHI3/Z T7cvTtd0anT4ad63wTJfsuyFuoAm3e50GK+PBipS5v5Wzkli6A6Hjyy5DYPH41az LgXyPtZepRL4XTzfBjehH1A2hy0KU1Q/DmwKhRQC9f1a1lVwGV/IZ4w//eG4cMYD 0XZpBImytsvGSI9b8GJBRpAd57PSm8dHorvwUjzHIkZQxOmZWlH3aY+hQNIfxMn+ QJcXY58FvifkjPF3SV5zl8mN5emhkLi2Ac06QmFJ/XECzrz1YDwO1PNf2pblbNmr O/4l3oPhjo0TH2VGWx+zzdBXe1aaWasfq1P20GhQEfz80r5hxetK7gU4afleXGi1 cy3qdVM6IiQNBY9qc71LCkAhm/xmpiuL77UkZsAb3zgM4Yl7Yxn+RXL4oz2o7W07 K+zfu6k6sdk54vR5DUeGTANMUF+e+KHm3PjWOZPkyIjyptns2yyEgcRfbi0+5eRa OiHTz+sZBj8vNIQKpy0cRy1zfcRDuiUiwfohHaaOR8avRLlqWTB7T2T65qQrw2mP qjHTAXwu74/DIs2n5bXB8XpUYz3QLpRHxzJa7wtasng+GLvjxhy+g88mfrG3SCWg 84fk+TdTiesgPeiYTp+xsO76XIB6ELhlIigm21WxaNtz09/B1pw= =6S6M -----END PGP SIGNATURE-----
