Bugzilla – Bug 81276
VUL-0: CVE-2005-0448: another perl rmtree vulnerability
Last modified: 2021-11-10 10:53:39 UTC
We received the following report via full-disclosure. The issue is public.
This is said to be not the same as CAN-2004-0452 (#56715)

Date: Fri, 29 Apr 2005 05:13:59 -0600
From: Mandriva Security Team <security@mandriva.com>
To: full-disclosure@lists.grok.org.uk
Subject: [Full-disclosure] MDKSA-2005:079 - Updated perl packages to fix rmtree vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mandriva Linux Security Update Advisory

Package name: perl
Advisory ID: MDKSA-2005:079
Date: April 28th, 2005
Affected versions: 10.0, 10.1, 10.2, Corporate 3.0, Corporate Server 2.1

Problem Description:

Paul Szabo discovered another vulnerability in the rmtree() function in File::Path.pm. While a process running as root (or another user) was busy deleting a directory tree, a different user could exploit a race condition to create setuid binaries in this directory tree, provided that he already had write permissions in any subdirectory of that tree.

The provided packages have been patched to resolve this problem.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0448

Updated Packages: ....
As with the old bug, I don't think it's worth a security update for old versions. We should fix it for SL10/SLES10, though.
ok
Is it fixed, Micha?
Good point, forgot to close the bug. Thanks.
CVE-2005-0448: CVSS v2 Base Score: 1.2 (AV:L/AC:H/Au:N/C:N/I:P/A:N)