PAR-0.61

Security Advisories (2)

CVE-2011-4114 (2011-07-18)

PAR packed files are extracted to unsafe and predictable temporary directories (this bug was originally reported against PAR::Packer, but it applies to PAR as well).

https://metacpan.org/changes/distribution/PAR
https://rt.cpan.org/Public/Bug/Display.html?id=69560

CVE-2011-5060 (2012-01-13)

The par_mktmpdir function in the PAR module before 1.003 for Perl creates temporary files in a directory with a predictable name without verifying ownership and permissions of this directory, which allows local users to overwrite files when another user extracts a PAR packed program, a different vulnerability in a different package than CVE-2011-4114.

http://cpansearch.perl.org/src/RSCHUPP/PAR-1.003/ChangeLog
https://bugzilla.redhat.com/show_bug.cgi?id=753955
https://rt.cpan.org/Public/Bug/Display.html?id=69560
https://exchange.xforce.ibmcloud.com/vulnerabilities/72435

Documentation

par.pl

Make and Run Perl Archives

Perl Packager

Modules

PAR

Perl Archive Toolkit

PAR::Heavy

PAR guts

Other files

AUTHORS
Changes
MANIFEST
Makefile.PL
README
TODO

To install PAR, copy and paste the appropriate command in to your terminal.

cpanm

cpanm PAR

CPAN shell

perl -MCPAN -e shell
install PAR

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)

Documentation

Modules

Other files

Module Install Instructions