Hello all,
This was fixed in XML-DT-0.66 fixing that issue.
It was just released to CPAN.
Thank you
alberto
On 15/08/14, 21:10, cve-ass...@mitre.org wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
mkdtskel and mkxmltype using insecurely temporary files using the pid
of the process in t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
> mkdtskel and mkxmltype using insecurely temporary files using the pid
> of the process in the temporary file name.
>
> /tmp/_xml_$$
>
> https://bugs.debian.org/756566
Use CVE-2014-5260.
> fixed in XML-DT 0.65 upstream, see
>
> https://metacpan.
2 matches
Mail list logo
