CVE-2017-6512 (retired)

Priority
Description
Race condition in the rmtree and remove_tree functions in the File-Path
module before 2.13 for Perl allows attackers to set the mode on arbitrary
files via vectors involving directory-permission loosening logic.
Package
Source: perl (LP Ubuntu Debian)
Upstream:released (5.24.1-3)
Ubuntu 12.04 ESM (Precise Pangolin):released (5.14.2-6ubuntu2.7)
Ubuntu 14.04 LTS (Trusty Tahr):released (5.18.2-2ubuntu1.4)
Ubuntu 16.04 LTS (Xenial Xerus):released (5.22.1-9ubuntu0.3)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.26.0-5)
Patches:
Upstream:https://github.com/jkeenan/File-Path/commit/e5ef95276ee8ad471c66ee574a5d42552b3a6af2
More Information

Updated: 2019-03-26 12:26:16 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)