perl: add upstream security fix for CVE-2018-12015 - buildroot

diff options

author	Peter Korsgaard <peter@korsgaard.com>	2018-06-12 17:21:30 +0200
committer	Thomas Petazzoni <thomas.petazzoni@bootlin.com>	2018-06-13 22:52:11 +0200
commit	66760f27342fccacdba64269525a3a32d0518905 (patch)
tree	2ba428f3a68da5e912e9d6b54b7bd4312834fd6d /docs/manual/adding-packages-golang.txt
parent	cbf4ead19c7336efd5e04becea23727ca65ffdaf (diff)
download	buildroot-66760f27342fccacdba64269525a3a32d0518905.tar.gz buildroot-66760f27342fccacdba64269525a3a32d0518905.zip

perl: add upstream security fix for CVE-2018-12015

Fixes CVE-2018-12015 - In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. Patch from https://github.com/jib/archive-tar-new/commit/ae65651eab053fc6dc4590dbb863a268215c1fc5 with path rewritten to match perl tarball. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Diffstat (limited to 'docs/manual/adding-packages-golang.txt')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: