ELA-7-1 perl security update

directory traversal flaw

2018-06-23
Packageperl
Version5.14.2-21+deb7u7
Related CVEs CVE-2018-12015

Jakub Wilk discovered a directory traversal flaw in the Archive::Tar module, allowing an attacker to overwrite any file writable by the extracting user via a specially crafted tar archive.

For Debian 7 Wheezy, these problems have been fixed in version 5.14.2-21+deb7u7.

We recommend that you upgrade your perl packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/