Your submission was sent successfully! Close

USN-1543-1: Config-IniFiles vulnerability

20 August 2012

Config-IniFiles could be made to overwrite arbitrary files.

Releases

Packages

Details

It was discovered that the perl Config::IniFiles module created temporary
files in an unsafe manner. A local user with write access to the directory
containing a configuration file that Config-IniFiles manipulates could
exploit this to overwrite arbitrary files.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.04
Ubuntu 11.10
Ubuntu 11.04
Ubuntu 10.04

In general, a standard system update will make all the necessary changes.

References