Wind River Support Network

HomeDefectsLIN7-6593

Fixed

LIN7-6593 : Security Advisory - perl - CVE-2015-8607

Created: Jul 27, 2016 Updated: Sep 8, 2018

Resolved Date: Aug 8, 2016

Found In Version: 7.0.0.18

Fix Version: 7.0.0.19

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Userspace

Description

The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8607

Other Downloads

Wind River Linux 7.0.0.19
Wind River Linux 7.0.0.20
Wind River Linux 7.0.0.21
Wind River Linux 7.0.0.22
Wind River Linux 7.0.0.23
Wind River Linux 7.0.0.24
Wind River Linux 7.0.0.25
Wind River Linux 7.0.0.26
Wind River Linux 7.0.0.27
Wind River Linux 7.0.0.28
Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2015-8607