Explore top 10 tips to secure your open-source projects now. Read More
×This module provides functions that deal the date formats used by the HTTP
protocol (and then some more). Only the first two functions, time2str() and
str2time(), are exported by default.
Update Information:
Changes: 6.08 2026-07-09 02:04:21Z - [SECURITY] Reject input longer than 64 characters in parse_date() to prevent quadratic regex backtracking (a denial of service) on hostile date strings. Fixes CVE-2026-14741. (Olaf Alders) 6.07 2026-06-25 15:12:09Z - Add test with Time::Zone (GH#25) (Michal Josef Špaček) - Add test with bad Time::Zone string (GH#26) (Michal Josef Špaček) - Add tests with negative time (GH#26) (Michal Josef Špaček) - Replace all instances of \d with [0-9] in regular expressions to reject non-ASCII Unicode digits, with a regression test (GH#27) (Robert Rothenberg) - Reject malformed ISO 8601 timezones with a doubled colon (GH#31) (Olaf Alders) - Document day/month/year ordering for numeric dates (GH#32) (Olaf Alders)
* Mon Jul 13 2026 Michal Josef Špaček
[ 1 ] Bug #2492991 - perl-HTTP-Date-6.08 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2492991
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-8cec3cbf5b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
Get the latest Linux and open source security news straight to your inbox.