Security update for perl-Capture-Tiny

Announcement ID:	SUSE-SU-2015:0316-1
Rating:	moderate
References:	bsc#862743
Cross-References:	CVE-2014-1875
CVSS scores:
Affected Products:	SUSE Linux Enterprise Software Bootstrap Kit 12

An update that solves one vulnerability can now be installed.

Description:

perl-Capture-Tiny was updated to fix one security issue.

This security issue was fixed: - CVE-2014-1875: The Capture::Tiny module before 0.24 for Perl allowed local users to write to arbitrary files via a symlink attack on a temporary file (bnc#862743).

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Software Bootstrap Kit 12
  zypper in -t patch SUSE-SLE-BSK-12-2015-82=1

Package List:

• SUSE Linux Enterprise Software Bootstrap Kit 12 (noarch)
  • perl-Capture-Tiny-0.23-4.1

References:

• https://www.suse.com/security/cve/CVE-2014-1875.html
• https://bugzilla.suse.com/show_bug.cgi?id=862743