Red Hat Bugzilla – Bug 175467
[patch] Bug in perl-5.8.6-CAN-2004-0976.patch; revised patch
Last modified: 2007-11-30 17:11:18 EST
Description of problem:
There is a bug in the CAN-2004-0976 patch applied to the two most recent
releases of FC4's perl-5.8.6, file 'perl-5.8.6-CAN-2004-0976.patch' in

As you already know, this patch, appearing to be based on the OWL/solartemp
patch, exists to fix insecure temporary file vulnerabilities, especially in
code or documentation that opens (or talks about opening) files insecurely
in the /tmp directory. In the parts of the patch that change perl pod docs,
solardesigner changes "/tmp" to "/var/run" all over the place.

The portion of the patch that concerns me is for the perl debugger,
perl-5.8.6/lib/perl5db.pl. This patch changes the file "/tmp/perldbtty$$" to
"/var/run/perldbtty$$". This is the file used to tell Term::Rendezvous
what terminal to use when the debugger is running in NonStop mode and needs

Problem is, regular users have no way to create or change a file in directory
/var/run; only root can do this.

I have attached an updated 'perl-5.8.6-CAN-2004-0976.patch' file that fixes
this problem, patching perl5db.pl much like Debian has in their patch called
"09_fix_insecure_tempfiles" gleaned from their

The attached patch also has the benefit of changing the modified lines to
pretty well match the upstream perl-5.8.7 for the same lines.
Version-Release number of selected component (if applicable):
SHA1SUM of attachment:
Created attachment 122106
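The three rendezvous-file locations this report compares, as an added Perl example that is not code from perl5db.pl, the FC4 patch, or Debian's patch; the per-user path under $HOME is an assumption of this example, not something the report states. Run as an unprivileged user it reproduces the failure the report describes for /var/run.

```perl
#!/usr/bin/perl
# Added example, not code from perl5db.pl, the FC4 patch or Debian's patch.
# Contrasts the rendezvous-file locations discussed in the report and shows
# the check that fails for /var/run when the debugger runs as a normal user.
use strict;
use warnings;
use Fcntl qw(O_WRONLY O_CREAT O_EXCL);

# Original: predictable name in world-writable /tmp. Another local user can
# place a file or symlink at this path first, which is the CAN-2004-0976
# class of bug the patch was meant to fix.
sub tmp_rendezvous_path     { return "/tmp/perldbtty$$" }

# FC4 patch: same name, moved to /var/run. Nobody else can pre-create it,
# but an unprivileged user cannot create it either, so NonStop mode breaks.
sub var_run_rendezvous_path { return "/var/run/perldbtty$$" }

# Assumed alternative (this example's choice): keep the pid-based name,
# since Term::Rendezvous needs a name the user can predict, but put it in a
# directory that only this user owns instead of a world-writable one.
sub home_rendezvous_path    { return "$ENV{HOME}/.perldbtty$$" }

# Try to create the rendezvous file the way a hardened debugger should:
# O_CREAT|O_EXCL so an existing file or symlink makes the open fail instead
# of being followed, and mode 0600 so other users cannot read the tty name.
# Returns 1 if this user could create it, 0 otherwise, and cleans up after.
sub can_create_exclusively {
    my ($path) = @_;
    my $ok = sysopen(my $fh, $path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    return 0 unless $ok;
    close $fh;
    unlink $path;
    return 1;
}

for my $path (tmp_rendezvous_path(), var_run_rendezvous_path(),
              home_rendezvous_path()) {
    my $result = can_create_exclusively($path) ? "yes" : "no ($!)";
    printf "%-30s creatable by uid %d: %s\n", $path, $<, $result;
}
```

As root all three succeed, which is why the /var/run move looks fine in testing; as a regular user the /var/run line reports "Permission denied" while /tmp and $HOME succeed.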
This has been fixed in perl-5.8.6-22.
See Fedora Update Notification FEDORA-2005-1144:
Thank you, Jason!