Ubuntu has issued an advisory today (August 4):
Mageia 8 is also affected.
Patch available from upstream and Ubuntu
This SRPM is maintained by different people, so assigning the bug globally.
The updated packages fix a security vulnerability:
An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute in the data source name (DSN). (CVE-2014-10402)
Updated packages in core/updates_testing:
Patch available from upstream and Ubuntu =>