News

=========================================================== Ubuntu Security Notice USN-94-1 March 09, 2005 perl vulnerability CAN-2005-0448 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) The following packages are affected: perl-modules The problem can be corrected by upgrading the affected package to version 5.8.4-2ubuntu0.4. In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Paul Szabo discovered another vulnerability in the rmtree() function in File::Path.pm. While a process running as root (or another user) was busy deleting a directory tree, a different user could exploit a race condition to create setuid binaries in this directory tree, provided that he already had write permissions in any subdirectory of that tree.