| Revision Date: | 2005-02-15 | Version: | 502 |
| Title: | RHSA-2005:072: perl-DBI security update (Low) |
| Description: | DBI is a database access Application Programming Interface (API) for the Perl programming language.
The Debian Security Audit Project discovered that the DBI library creates a temporary PID file in an insecure manner. A local user could overwrite or create files as a different user who happens to run an application which uses DBI::ProxyServer. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0077 to this issue.
Users should update to this erratum package which disables the temporary PID file unless configured.
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | CVE-2005-0077
RHSA-2005:072-01
|
| Platform(s): | Red Hat Enterprise Linux 4
| Product(s): | |
| Definition Synopsis |
| Red Hat Enterprise Linux 4 is installed AND perl-DBI is earlier than 0:1.40-8
AND perl-DBI is signed with Red Hat master key
|