Resolved Bugs
1074720 – CVE-2014-2277 perltidy: insecure temporary file creation
1074722 – CVE-2014-2277 perltidy: insecure temporary file creation [epel-5]<br
Jakub Wilk discovered that perltidy’s make_temporary_filename() function insecurely created temporary files via the use of the tmpnam() function. A local attacker could use this flaw to perform a symbolic link attack. This update replaces the use of make_temporary_filename() with the more secure tempname() from the File::Temp module.