FEDORA-2018-6abfa0012f

security update in Fedora 28 for perl-Archive-Zip

Status: stable a year ago

This release fixes a directory and symbolic link traversal vulnerability in Archive::Zip::Archive Perl module that allows an attacker to writite into an arbitrary file accesible by a local user.

Comments 5

This update has been submitted for testing by ppisar.

a year ago

This update has been pushed to testing.

a year ago

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

a year ago

This update has been submitted for stable by ppisar.

a year ago

This update has been pushed to stable.

a year ago

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Disabled
Autopush (time)
Disabled
Dates
submitted a year ago
in testing a year ago
in stable a year ago

Related Bugs 2
00 #1591449 CVE-2018-10860 perl-Archive-Zip: Directory traversal in Archive::Zip
00 #1596132 CVE-2018-10860 perl-Archive-Zip: Directory traversal in Archive::Zip [fedora-all]

Automated Test Results

Copyright © 2007-2019 Red Hat, Inc. and others.

Running bodhi-4.1.0 on bodhi-web-91-cdvdt.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Legal | Privacy policy