ELSA-2024-3094

Опубликовано: 23 мая 2024

Источник: oracle-oval

Платформа: Oracle Linux 8

Описание

ELSA-2024-3094: perl-CPAN security update (MODERATE)

[2.18-399]

Fix tests to run in correct order

[2.18-398]

Fix CVE-2023-31484
Package tests

[2.18-397]

Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

[2.18-396]

Rebase patches to prevent from installing back-up files

[2.18-395]

Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild

[2.18-394]

Perl 5.26 re-rebuild of bootstrapped packages

[2.18-393]

Perl 5.26 rebuild

[2.18-2]

Don't BR: perl(Module::Build) when bootstrapping

[2.18-1]

Upgrade to CPAN-2.18 as provided in perl-5.25.12

[2.16-1]

2.16 bump

[2.14-5]

Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild

[2.14-4]

Use Perl porter's fix for searching cpan -j file (CPAN RT#116507)
Fix logging fatal errors (https://github.com/andk/cpanpm/pull/104)

[2.14-3]

Apply remains of CVE-2016-1238 fix from perl (CPAN RT#116507)
Do not search cpan -j file in @INC (CPAN RT#116507)

[2.14-2]

Fix CVE-2016-1238 properly (CPAN RT#116507)

[2.14-1]

2.14 bump
Fix installation from a working directory (CPAN RT#115734)
Fix 'cpan -O' invocation (CPAN RT#115786)
Do not use Net::FTP if ftp_proxy variable points to an HTTP server (CPAN RT#110833)
Recognize URL schemata disregarding the case
Fix CVE-2016-1238 (loading optional modules from current working directory)
Recognize exact version dependency operator (CPAN RT#47934)
Cope with non-digit version strings

[2.11-366]

Perl 5.24 re-rebuild of bootstrapped packages

[2.11-365]

Increase release to favour standalone package

[2.11-349]

Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild

[2.11-348]

Require make package

[2.11-347]

Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild

[2.11-346]

Perl 5.22 re-rebuild of bootstrapped packages

[2.11-345]

Increase release to favour standalone package

[2.11-2]

Perl 5.22 rebuild

[2.11-1]

2.11 bump in order to dual-live with perl 5.22

[2.10-1]

2.10 bump

[2.05-309]

Allow changing the configuration directory name

[2.05-308]

Create site paths for the first time (bug #1158873)

[2.05-307]

Synchronize to perl.spec modifications
Disable non-core modules when bootstrapping

[2.05-1]

Specfile autogenerated by cpanspec 1.78.

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

perl-CPAN

2.18-399.el8

Oracle Linux x86_64

perl-CPAN

2.18-399.el8

Связанные CVE

CVE-2023-31484

Ссылки на источники

Связанные уязвимости

CVE-2023-31484

CVSS3: 8.1

ubuntu

около 2 лет назад

CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.

CVE-2023-31484

CVSS3: 7.4

redhat

около 2 лет назад

CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.

CVE-2023-31484

CVSS3: 8.1

nvd

около 2 лет назад

CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.

CVE-2023-31484

CVSS3: 8.1

debian

около 2 лет назад

CPAN.pm before 2.35 does not verify TLS certificates when downloading ...

SUSE-SU-2023:2882-1

suse-cvrf

почти 2 года назад

Security update for perl