Fedora 42: perl-Plack-Middleware-Session Critical CVE-2025-40923 ID Issue
fedora
September 16, 2025
This update upgrade the package to version 0.36
Summary
This is a Plack Middleware component for session management. By default it
will use cookies to keep session state and store data in memory. This
distribution also comes with other state and store solutions.
Update Information:
This update upgrade the package to version 0.36. This version fixes CVE-2025-40923 by using Crypt::SysRandom to generate secure session IDs.
Topics Covered
Change Log
* Sun Aug 31 2025 Emmanuel Seyman
References
[ 1 ] Bug #2381421 - CVE-2025-40923 perl-Plack-Middleware-Session: Plack-Middleware-Session insecure session ids [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2381421
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-ca07c36a0a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: perl-Plack-Middleware-Session
Product: Fedora 42
Version: 0.36
Release: 1.fc42
Summary: Middleware for session management
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!