USN-1543-1: Config-IniFiles vulnerability
20 August 2012
Config-IniFiles could be made to overwrite arbitrary files.
- libconfig-inifiles-perl - Perl module for working with INI configuration files
It was discovered that the perl Config::IniFiles module created temporary
files in an unsafe manner. A local user with write access to the directory
containing a configuration file that Config-IniFiles manipulates could
exploit this to overwrite arbitrary files.
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.