Stay Secure with the Latest Linux Advisories

security advisorysecurity updatecritical

Fedora 40 Update: Critical perl-App-cpanminus Transitioning to HTTPS

Patch the code to use https instead of http (CVE-2024-45321). -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-aaa468ae4f 2024-10-09 01:29:48.658001 -------------------------------------------------------------------------------- Name : perl-App-cpanminus Product : Fedora 40 Version : 1.7047 Release : 4.fc40 URL : https://metacpan.org/dist/App-cpanminus Summary : Get, unpack, build and install CPAN modules Description : Why? It's dependency free, requires zero configuration, and stands alone but it's maintainable and extensible with plug-ins and friendly to shell scripting. When running, it requires only 10 MB of RAM. -------------------------------------------------------------------------------- Update Information: Patch the code to use https instead of http (CVE-2024-45321) -------------------------------------------------------------------------------- ChangeLog: * Thu Sep 26 2024 Jitka Plesnikova - 1.7047-4 - Patch the code to use https instead of http (CVE-2024-45321) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2308439 - CVE-2024-45321 perl-App-cpanminus: From NVD collector [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2308439 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-aaa468ae4f' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it. Do not reply to spam, report it: . Important Fedora security update for perl-App-cpanminus mandates the use of https over http. Prompt action is recommended.. Fedora security, perl-App-cpanminus, https patch, web security advisory. . Severity: Critical. LinuxSecurity.com Team

Oct 09, 2024 •Critical Fedora