Fedora 42: Important Nonce Security Fix for perl-Catalyst-Authentication
fedora
September 16, 2025
This update upgrade the package to version 1.019
Summary
This module lets you use HTTP authentication with
Catalyst::Plugin::Authentication. Both basic and digest authentication are
currently supported.
Update Information:
This update upgrade the package to version 1.019. This version fixes CVE-2025-40920 by using Crypt::SysRandom to generate nonces instead of Data::UUID.
Topics Covered
Change Log
* Sun Aug 31 2025 Emmanuel Seyman
References
[ 1 ] Bug #2387730 - CVE-2025-40920 perl-Catalyst-Authentication-Credential-HTTP: Catalyst::Authentication::Credential::HTTP insecure nonce generation [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2387730
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-d72429a1f8' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Name: perl-Catalyst-Authentication-Credential-HTTP
Product: Fedora 42
Version: 1.019
Release: 1.fc42
Summary: HTTP Basic and Digest authentication for Catalyst
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!