FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
13b0c8c8-bee0-11dd-a708-001fc66e7203p5-File-Path -- rmtree allows creation of setuid files

Jan Lieskovsky reports:

perl-File-Path rmtree race condition (CVE-2005-0448 was assigned to address this)

This vulnerability was fixed in 5.8.4-7 but re-introduced in 5.8.8-1. It's also present in File::Path 2.xx, up to and including 2.07 which has only a partial fix.


Discovery 2008-11-28
Entry 2009-01-03
p5-File-Path
lt 2.07_1

CVE-2005-0448
http://www.openwall.com/lists/oss-security/2008/11/28/1
http://www.gossamer-threads.com/lists/perl/porters/233699#233699
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286905