FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-05-09 22:37:04 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
333f655a-b93a-11e5-9efa-5453ed2e2b49	p5-PathTools -- File::Spec::canonpath loses taint Ricardo Signes reports: Beginning in PathTools 3.47 and/or perl 5.20.0, the File::Spec::canonpath() routine returned untained strings even if passed tainted input. This defect undermines the guarantee of taint propagation, which is sometimes used to ensure that unvalidated user input does not reach sensitive code. This defect was found and reported by David Golden of MongoDB. Discovery 2016-01-11 Entry 2016-01-12 Modified 2016-08-22 p5-PathTools gt 3.4000 lt 3.6200 perl5 perl5.20 perl5.22 perl5-devel ge 5.19.9 lt 5.20.2 ge 5.21.0 lt 5.22.2 ge 5.23.0 lt 5.23.7 CVE-2015-8607 https://rt.perl.org/Public/Bug/Display.html?id=126862

VuXML ID

Description

333f655a-b93a-11e5-9efa-5453ed2e2b49

p5-PathTools -- File::Spec::canonpath loses taint

Ricardo Signes reports:

Beginning in PathTools 3.47 and/or perl 5.20.0, the File::Spec::canonpath() routine returned untained strings even if passed tainted input. This defect undermines the guarantee of taint propagation, which is sometimes used to ensure that unvalidated user input does not reach sensitive code.

This defect was found and reported by David Golden of MongoDB.

Discovery 2016-01-11
Entry 2016-01-12
Modified 2016-08-22
p5-PathTools

gt 3.4000 lt 3.6200

perl5
perl5.20
perl5.22
perl5-devel

ge 5.19.9 lt 5.20.2

ge 5.21.0 lt 5.22.2

ge 5.23.0 lt 5.23.7

CVE-2015-8607
https://rt.perl.org/Public/Bug/Display.html?id=126862