Alerts This Week
Warning Icon 1 1,149
Alerts This Week
Warning Icon 1 1,149

Mageia 2024-0339: cpanminus Security Advisory Updates

mageia
Calendar Grey October 27, 2024
Dist Mageia Esm H88
Mageia Security Update: cpanminus package fixes critical code execution risk in Perl. Immediate updates advised.
The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling code execution for network attackers

Summary

The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling code execution for network attackers. (CVE-2024-45321)

References

- https://bugs.mageia.org/show_bug.cgi?id=33631

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X5W36RUTOUQ2VUGWG2FCEBOWNRYS6RBI/

- https://www.cve.org/CVERecord?id=CVE-2024-45321

Resolution

SRPMS

- 9/core/cpanminus-1.704.500-2.1.mga9

Severity
important
Lowest
Low
Medium
High
Critical

Publication date: 27 Oct 2024
URL: https://advisories.mageia.org/MGASA-2024-0339.html
Type: security
CVE: CVE-2024-45321

Topics%20covered

Topics Covered

No topics assigned

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here