perl 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.
문서번호 : 1155649097
업데이트 : 2006.08.15
Kevin Finisterre discovered a flaw in sperl, the Perl setuid wrapper, which
can cause debugging information to be logged to arbitrary files. By setting
an environment variable, a local user could cause sperl to create, as root,
files with arbitrary filenames, or append the debugging information to
existing files. (CVE-2005-0155)
A fix for this issue was first included in the update RHSA-2005:103
released in February 2005. However the patch to correct this issue was
dropped from the update RHSA-2005:674 made in October 2005. This
regression has been assigned CVE-2006-3813.
Autoupdates 지원 : 지원