CVE-2011-4116 (retired)

Priority
Description
Unsafe use of /tmp in multiple CPAN modules
Notes
sarnoldNo agreed-upon or released patch exists for _is_safe().
Solar Designer questions the _is_safe() MEDIUM and HIGH checks altogether;
attempted patches to check the safety of parent directories forbid /tmp
symlinks. It is probably impossible to make _is_safe() secure.
Ubuntu symlink and hardlink restrictions should prevent this entire class
of problems.
Package
Upstream:ignored
This vulnerability is mitigated in part by the use of hardlink restrictions in Ubuntu. For more details see https://wiki.ubuntu.com/Security/Features#hardlink
This vulnerability is mitigated in part by the use of symlink restrictions in Ubuntu. For more details see https://wiki.ubuntu.com/Security/Features#symlink
Package
Source: perl (LP Ubuntu Debian)
Upstream:ignored
This vulnerability is mitigated in part by the use of hardlink restrictions in Ubuntu. For more details see https://wiki.ubuntu.com/Security/Features#hardlink
This vulnerability is mitigated in part by the use of symlink restrictions in Ubuntu. For more details see https://wiki.ubuntu.com/Security/Features#symlink
More Information

Updated: 2019-10-09 07:39:31 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)