Fedora 37: perl-CPAN 2023-1e5af38524
Summary
The CPAN module automates or at least simplifies the make and install of
perl modules and extensions. It includes some primitive searching
capabilities and knows how to use LWP, HTTP::Tiny, Net::FTP and certain
external download clients to fetch distributions from the net.
Security fix for CVE-2023-31484 CPAN.pm before 2.35 does not verify TLS
certificates when downloading distributions over HTTPS. CPAN 2.35 - Add
verify_SSL=>1 to HTTP::Tiny to verify https server identity
* Mon May 15 2023 Jitka Plesnikova
- 2.36 bump
* Tue May 2 2023 Jitka Plesnikova
- 2.35 bump
[ 1 ] Bug #2218667 - CVE-2023-31484 perl: CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS
https://bugzilla.redhat.com/show_bug.cgi?id=2218667
su -c 'dnf upgrade --advisory FEDORA-2023-1e5af38524' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
Do not reply to spam, report it: https://pagure.io/login/
FEDORA-2023-1e5af38524 2023-07-09 00:38:24.429740 Product : Fedora 37 Version : 2.36 Release : 1.fc37 URL : https://metacpan.org/dist/CPAN Summary : Query, download and build perl modules from CPAN sites Description : The CPAN module automates or at least simplifies the make and install of perl modules and extensions. It includes some primitive searching capabilities and knows how to use LWP, HTTP::Tiny, Net::FTP and certain external download clients to fetch distributions from the net. Security fix for CVE-2023-31484 CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. CPAN 2.35 - Add verify_SSL=>1 to HTTP::Tiny to verify https server identity * Mon May 15 2023 Jitka Plesnikova - 2.36-1 - 2.36 bump * Tue May 2 2023 Jitka Plesnikova - 2.35-1 - 2.35 bump [ 1 ] Bug #2218667 - CVE-2023-31484 perl: CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS https://bugzilla.redhat.com/show_bug.cgi?id=2218667 su -c 'dnf upgrade --advisory FEDORA-2023-1e5af38524' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/ Do not reply to spam, report it: https://pagure.io/login/
Change Log
References