FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

p5-PathTools -- File::Spec::canonpath loses taint

Affected packages
3.4000 < p5-PathTools < 3.6200
5.19.9 <= perl5 < 5.20.2
5.21.0 <= perl5 < 5.22.2
5.23.0 <= perl5 < 5.23.7
5.19.9 <= perl5-devel < 5.20.2
5.21.0 <= perl5-devel < 5.22.2
5.23.0 <= perl5-devel < 5.23.7
5.19.9 <= perl5.20 < 5.20.2
5.21.0 <= perl5.20 < 5.22.2
5.23.0 <= perl5.20 < 5.23.7
5.19.9 <= perl5.22 < 5.20.2
5.21.0 <= perl5.22 < 5.22.2
5.23.0 <= perl5.22 < 5.23.7

Details

VuXML ID 333f655a-b93a-11e5-9efa-5453ed2e2b49
Discovery 2016-01-11
Entry 2016-01-12
Modified 2016-08-22

Ricardo Signes reports:

Beginning in PathTools 3.47 and/or perl 5.20.0, the File::Spec::canonpath() routine returned untained strings even if passed tainted input. This defect undermines the guarantee of taint propagation, which is sometimes used to ensure that unvalidated user input does not reach sensitive code.

This defect was found and reported by David Golden of MongoDB.

References

CVE Name CVE-2015-8607
URL https://rt.perl.org/Public/Bug/Display.html?id=126862