Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
For bugs related to Red Hat Enterprise Linux 2.1 product line. For Red Hat Enterprise Linux 6 and above, please visit Red Hat JIRA https://issues.redhat.com/secure/CreateIssue!default.jspa?pid=12332745 to report new issues.

Bug 140058

Summary: CVE-2004-0976 temporary file vulnerabilities in Perl
Product: Red Hat Enterprise Linux 2.1 Reporter: Josh Bressers <bressers>
Component: perlAssignee: Robin Norwood <robin.norwood>
Status: CLOSED CURRENTRELEASE QA Contact: David Lawrence <dkl>
Severity: low Docs Contact:
Priority: medium    
Version: 2.1CC: jnovy
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard: impact=low,public=20041019,reported=20040910,source=vendorsec
Fixed In Version: 5.6.1-38.EL2_1 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-10-04 18:17:00 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 132992    

Description Josh Bressers 2004-11-19 15:59:10 UTC 
OWL disclosed a number of fixes for temporary file vulnerabilities in
Perl.  Patch is attachment 105443 [details].
Comment 1 Naoto Ishida 2006-03-29 05:08:28 UTC 
Any news on this topic?
Comment 2 Josh Bressers 2006-03-29 11:57:53 UTC 
This issue has been assigned a severity of "low" due to the very limited damage,
along with extreme difficulty in exploiting.  We do not plan to fix this issue
by itself, but rather wait for another more serious issue and include this fix
at that time.

If you feel our severity rating is too low, please let me know.
Comment 3 Jason Vas Dias 2006-04-22 01:24:34 UTC 
fixed with perl-5.6.1-38.EL2_1
Comment 4 Robin Norwood 2006-10-01 23:28:32 UTC 
assigning to rnorwood