[security-announce] Security Update: Perl: CVE-2016-2381, CVE-2016-6185, CVE-2015-8607

Sona Sarmadi sona.sarmadi at enea.com
Tue Oct 4 08:17:23 CEST 2016


		Enea Linux Security Advisory

====================================================================
Product/package: Enea Linux 6.0: (Perl 5.22.1)
Severity: Medium
Architecture: all
CVE Name: CVE-2016-2381, CVE-2016-6185, CVE-2015-8607
====================================================================

Following vulnerabilities have been fixed in Enea Linux 6.0 in Perl
version 5.22.1:

CVE-2016-2381, Medium
CVE-2016-6185, Medium
CVE-2015-8607, Medium

Description
===========
CVE-2016-2381:
Perl might allow context-dependent attackers to bypass the taint
protection mechanism in a child process via duplicate environment
variables in envp.


CVE-2016-6185:
The XSLoader::load method in XSLoader in Perl does not properly locate
.so files when called in a string eval, which might allow local users to
execute arbitrary code via a Trojan horse library under the current
working directory.

CVE-2015-8607:
The canonpath function in the File::Spec module in PathTools before
3.62, as used in Perl, does not properly preserve the taint attribute of
data, which might allow context-dependent attackers to bypass the taint
protection mechanism via a crafted string.

References:
===========
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2381
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6185
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8607

Reference to the upstream fixes:
=================================
CVE-2016-2381:
http://perl5.git.perl.org/perl.git/commitdiff/ae37b791a73a9e78dedb89fb2429d2628cf58076

CVE-2016-6185:
http://perl5.git.perl.org/perl.git/commitdiff/08e3451d7

CVE-2015-8607:
https://rt.perl.org/Public/Bug/Display.html?id=126862

Correction for Enea Linux
=========================
CVE-2016-2381:
http://git.enea.com/cgit/linux/poky.git/patch/?id=2561b58ac8131325c3e0248ad4a6533b1dd1b032

CVE-2016-6185:
http://git.enea.com/cgit/linux/poky.git/patch/?id=70c4134e4b33d522d57c2684cf65735c541bcb12

CVE-2015-8607:
http://git.enea.com/cgit/linux/poky.git/patch/?id=5b3af2abd714d94912aad2ad0db9e29e2d62162a

How to get the latest patches
=============================
- If you have already cloned needed repositories, update it to get new
security patches.

cd Enea-Linux-6.0
$ repo sync

- If you have not yet cloned needed repositories, do it as described
below. (Security patches are fetched implicitly when cloning the repos).

Use repo tool to download the source for Enea Linux, follow the steps below:
1. Make sure that the repo tool is installed. If not, follow the
instructions below:

$ curl https://storage.googleapis.com/git-repo-downloads/repo >
~/bin/repo
$ chmod a+x ~/bin/repo

The instruction assumes that ~/bin exists and is included in the PATH
variable.

2.Use the repo tool to download the source:
$ mkdir Enea-Linux-6.0
$ cd Enea-Linux-6.0
$ repo init \
-u git://git.enea.com/linux/el_manifests-standard.git \
-b krogoth\
-m <manifest file>
$ repo sync

The parameter <manifest file> depends on the target:
P2041RDB: p2041rdb/default.xml
LS1021a-IoT: ls1021aiot/default.xml
QEMUARM: qemuarm/default.xml
QEMUPCC: qemuppc/default.xml
QEMUX86: qemux86/default.xml

If you have any questions regarding the security patches and security
updates please contact security at enea.com.

Enea Security Team
Sona Sarmadi
Mobile: +46 70 971 4475
www.enea.com



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://mail.lists.enea.com/pipermail/security-announce/attachments/20161004/a3f35309/attachment.sig>


More information about the security-announce mailing list