USN-700-1: Perl vulnerabilities

Ubuntu Security Notice USN-700-1

23rd December, 2008

libarchive-tar-perl, perl vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 8.10
  • Ubuntu 8.04 LTS
  • Ubuntu 7.10
  • Ubuntu 6.06 LTS

Software description

  • libarchive-tar-perl
  • perl

Details

Jonathan Smith discovered that the Archive::Tar Perl module did not
correctly handle symlinks when extracting archives. If a user or
automated system were tricked into opening a specially crafted tar file,
a remote attacker could over-write arbitrary files. (CVE-2007-4829)

Tavis Ormandy and Will Drewry discovered that Perl did not correctly
handle certain utf8 characters in regular expressions. If a user or
automated system were tricked into using a specially crafted expression,
a remote attacker could crash the application, leading to a denial
of service. Ubuntu 8.10 was not affected by this issue. (CVE-2008-1927)

A race condition was discovered in the File::Path Perl module's rmtree
function. If a local attacker successfully raced another user's call
of rmtree, they could create arbitrary setuid binaries. Ubuntu 6.06
and 8.10 were not affected by this issue. (CVE-2008-5302)

A race condition was discovered in the File::Path Perl module's rmtree
function. If a local attacker successfully raced another user's call of
rmtree, they could delete arbitrary files. Ubuntu 6.06 was not affected
by this issue. (CVE-2008-5303)

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 8.10:
perl-modules 5.10.0-11.1ubuntu2.2
Ubuntu 8.04 LTS:
libarchive-tar-perl 1.36-1ubuntu0.1
perl-modules 5.8.8-12ubuntu0.3
libperl5.8 5.8.8-12ubuntu0.3
Ubuntu 7.10:
libarchive-tar-perl 1.31-1ubuntu0.1
perl-modules 5.8.8-7ubuntu3.4
libperl5.8 5.8.8-7ubuntu3.4
Ubuntu 6.06 LTS:
libarchive-tar-perl 1.26-2ubuntu0.1
libperl5.8 5.8.7-10ubuntu1.2

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system upgrade is sufficient to effect the
necessary changes.

References

CVE-2007-4829, CVE-2008-1927, CVE-2008-5302, CVE-2008-5303