Explore top 10 tips to secure your open-source projects now. Read More
×SASL is a generic mechanism for authentication used by several network
protocols. Authen::SASL provides an implementation framework that all
protocols should be able to share.
Update Information:
2.1900 [Fixed] - CVE-2025-40918 (Insecure source of randomness), required addition of dependency on Crypt::URandom [Changed] - Modules Authen::SASL::Perl::CRAM_MD5, Authen::SASL::Perl::DIGEST_MD5 and Authen::SASL::CRAM_MD5 marked as deprecated based on the respective RFC documents; - Update module metadata to point to the new 'perl-authen-sasl' org on GitHub to which the modules moved - Use VERSION declarations in 'package' statements, since our minimum Perl version is 5.14 anyway
* Tue Aug 5 2025 Jitka Plesnikova
[ 1 ] Bug #2381432 - CVE-2025-40918 perl-Authen-SASL: Authen::SASL::Perl::DIGEST_MD5 insecure cnonce generation [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2381432
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-fddaaaf9f0' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
Get the latest Linux and open source security news straight to your inbox.