What Are You Looking For?

Popular Tags

Sign Up
--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2023-1e5af38524
2023-07-09 00:38:24.429740
--------------------------------------------------------------------------------Name        : perl-CPAN
Product     : Fedora 37
Version     : 2.36
Release     : 1.fc37
URL         : https://metacpan.org/release/CPAN
Summary     : Query, download and build perl modules from CPAN sites
Description :
The CPAN module automates or at least simplifies the make and install of
perl modules and extensions. It includes some primitive searching
capabilities and knows how to use LWP, https::Tiny, Net::FTP and certain
external download clients to fetch distributions from the net.

--------------------------------------------------------------------------------Update Information:

Security fix for CVE-2023-31484  CPAN.pm before 2.35 does not verify TLS
certificates when downloading distributions over HTTPS. CPAN 2.35 - Add
verify_SSL=>1 to https::Tiny to verify https server identity
--------------------------------------------------------------------------------ChangeLog:

* Mon May 15 2023 Jitka Plesnikova  - 2.36-1
- 2.36 bump
* Tue May  2 2023 Jitka Plesnikova  - 2.35-1
- 2.35 bump
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #2218667 - CVE-2023-31484 perl: CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS
        https://bugzilla.redhat.com/show_bug.cgi?id=2218667
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-1e5af38524' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

Fedora 37: perl-CPAN 2023-1e5af38524

July 9, 2023
Security fix for CVE-2023-31484 CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS

Summary

The CPAN module automates or at least simplifies the make and install of

perl modules and extensions. It includes some primitive searching

capabilities and knows how to use LWP, https::Tiny, Net::FTP and certain

external download clients to fetch distributions from the net.

Security fix for CVE-2023-31484 CPAN.pm before 2.35 does not verify TLS

certificates when downloading distributions over HTTPS. CPAN 2.35 - Add

verify_SSL=>1 to https::Tiny to verify https server identity

* Mon May 15 2023 Jitka Plesnikova - 2.36-1

- 2.36 bump

* Tue May 2 2023 Jitka Plesnikova - 2.35-1

- 2.35 bump

[ 1 ] Bug #2218667 - CVE-2023-31484 perl: CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS

https://bugzilla.redhat.com/show_bug.cgi?id=2218667

su -c 'dnf upgrade --advisory FEDORA-2023-1e5af38524' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/keys

package-announce mailing list -- [email protected]

To unsubscribe send an email to [email protected]

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/[email protected]

Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

FEDORA-2023-1e5af38524 2023-07-09 00:38:24.429740 Product : Fedora 37 Version : 2.36 Release : 1.fc37 URL : https://metacpan.org/release/CPAN Summary : Query, download and build perl modules from CPAN sites Description : The CPAN module automates or at least simplifies the make and install of perl modules and extensions. It includes some primitive searching capabilities and knows how to use LWP, https::Tiny, Net::FTP and certain external download clients to fetch distributions from the net. Security fix for CVE-2023-31484 CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS. CPAN 2.35 - Add verify_SSL=>1 to https::Tiny to verify https server identity * Mon May 15 2023 Jitka Plesnikova - 2.36-1 - 2.36 bump * Tue May 2 2023 Jitka Plesnikova - 2.35-1 - 2.35 bump [ 1 ] Bug #2218667 - CVE-2023-31484 perl: CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS https://bugzilla.redhat.com/show_bug.cgi?id=2218667 su -c 'dnf upgrade --advisory FEDORA-2023-1e5af38524' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys package-announce mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

Change Log

References

Update Instructions

Severity
Product : Fedora 37
Version : 2.36
Release : 1.fc37
URL : https://metacpan.org/release/CPAN
Summary : Query, download and build perl modules from CPAN sites

Related News

Librem 11: Purism Unveils a Privacy-Focused Linux Tablet

Sep 15, 2023

Critical PHP Info Disclosure, Code Execution Bugs Fixed

Sep 7, 2023

Multiple Severe, Remotely Exploitable Chromium Vulns Fixed

Sep 15, 2023

Remotely Exploitable Poppler DoS Bugs Fixed - Update Now!

Sep 22, 2023

News

Advisories

HOWTOs

Features

The Unseen Potential of Wake-on-LAN
Linux Vulnerabilities: The Antidote to This Linux Security Poison
Preventing Linux DDoS Attacks with Minimal Cybersecurity Knowledge
Navigating Software Scalability: A Practical Guide to Building Scalable Systems with Linux
Unlocking the Secrets of Linux Security: An Expert Analysis

About Us

Powered By

Footer Logo

Feedback