Stay Secure with the Latest Linux Advisories

security advisorycriticalsoftware update

Fedora 32: FEDORA-2020-cc7deffbf1 Critical: perl-Mojolicious GET Issue

This package fixes a security issue that allowed for _method query parameters to be used with GET requests. The fix is backported from Mojolicious v8.42.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2020-cc7deffbf1 2020-05-19 02:52:04.490353 --------------------------------------------------------------------------------Name : perl-Mojolicious Product : Fedora 32 Version : 8.42 Release : 1.fc32 URL : https://metacpan.org/dist/Mojolicious Summary : A next generation web framework for Perl Description : Back in the early days of the web there was this wonderful Perl library called CGI, many people only learned Perl because of it. It was simple enough to get started without knowing much about the language and powerful enough to keep you going, learning by doing was much fun. While most of the techniques used are outdated now, the idea behind it is not. Mojolicious is a new attempt at implementing this idea using state of the art technology. --------------------------------------------------------------------------------Update Information: This package fixes a security issue that allowed for _method query parameters to be used with GET requests. The fix is backported from Mojolicious v8.42. --------------------------------------------------------------------------------ChangeLog: * Sun May 10 2020 Emmanuel Seyman - 8.42-1 - Update to 8.42 * Sun May 3 2020 Emmanuel Seyman - 8.41-1 - Update to 8.41 * Sun Apr 26 2020 Emmanuel Seyman - 8.40-1 - Update to 8.40 * Sun Apr 19 2020 Emmanuel Seyman - 8.37-1 - Update to 8.37 * Sun Apr 5 2020 Emmanuel Seyman - 8.36-1 - Update to 8.36 * Sun Mar 22 2020 Emmanuel Seyman - 8.35-1 - Update to 8.35 * Wed Mar 11 2020 Petr Pisar - 8.33-2 - Specify all dependencies * Sun Feb 16 2020 Emmanuel Seyman - 8.33-1 - Update to 8.33 --------------------------------------------------------------------------------This update can beinstalled with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2020-cc7deffbf1' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ . Essential security update for Fedora 32: perl-Mojolicious resolves vulnerabilities linked to query parameters in GET requests.. Fedora 32 Security Fix, perl-Mojolicious Update, GET Request Security. . Severity: Critical. LinuxSecurity.com Team

May 18, 2020 •Critical Fedora