[Bug 1456771] New: CVE-2017-0374 perl-Config-Model: Local privilege escalation via crafted model

bugzilla Tue, 30 May 2017 03:37:19 -0700

https://bugzilla.redhat.com/show_bug.cgi?id=1456771


            Bug ID: 1456771
           Summary: CVE-2017-0374 perl-Config-Model: Local privilege
                    escalation via crafted model
           Product: Security Response
         Component: vulnerability
          Keywords: Security
          Severity: medium
          Priority: medium
          Assignee: [email protected]
          Reporter: [email protected]
                CC: [email protected],
                    [email protected]



lib/Config/Model.pm in Config-Model (aka libconfig-model-perl) before 2.102
allows local users to gain privileges via a crafted model in the current
working directory, related to use of . with the INC array.

Debian patch:

https://anonscm.debian.org/cgit/pkg-perl/packages/libconfig-model-perl.git/commit/?h=stretch&id=0de8471e5a8958ad37446dfcd0362a269e3ec573

-- 
You are receiving this mail because:
You are on the CC list for the bug.
_______________________________________________
perl-devel mailing list -- [email protected]
To unsubscribe send an email to [email protected]

[Bug 1456771] New: CVE-2017-0374 perl-Config-Model: Local privilege escalation via crafted model

Reply via email to