perl-devel March 2021

perl-devel@lists.fedoraproject.org

4 participants
283 discussions

[Bug 1934823] New: CVE-2020-28591 slic3r: Out-of-bounds read in AMFParserContext::endElement()
by bugzilla＠redhat.com 23 Mar '21

23 Mar '21

https://bugzilla.redhat.com/show_bug.cgi?id=1934823 Bug ID: 1934823 Summary: CVE-2020-28591 slic3r: Out-of-bounds read in AMFParserContext::endElement() Product: Security Response Hardware: All OS: Linux Status: NEW Component: vulnerability Keywords: Security Severity: low Priority: low Assignee: security-response-team(a)redhat.com Reporter: psampaio(a)redhat.com CC: mhroncok(a)redhat.com, perl-devel(a)lists.fedoraproject.org Target Milestone: --- Classification: Other An out-of-bounds read vulnerability exists in the AMF File AMFParserContext::endElement() functionality of Slic3r libslic3r 1.3.0 and Master Commit 92abbc42. A specially crafted AMF file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability. https://talosintelligence.com/vulnerability_reports/TALOS-2020-1215 -- You are receiving this mail because: You are on the CC list for the bug.

1 5

[Bug 1939432] New: perl-HTML-FormFu-MultiForm-1.03-12.fc35 FTBFS: Couldn't load Crypt::Cipher::AES: Can't locate Crypt/Cipher/AES.pm in @INC
by bugzilla＠redhat.com 23 Mar '21

23 Mar '21

https://bugzilla.redhat.com/show_bug.cgi?id=1939432 Bug ID: 1939432 Summary: perl-HTML-FormFu-MultiForm-1.03-12.fc35 FTBFS: Couldn't load Crypt::Cipher::AES: Can't locate Crypt/Cipher/AES.pm in @INC Product: Fedora Version: rawhide URL: https://koschei.fedoraproject.org/package/perl-HTML-Fo rmFu-MultiForm Status: NEW Component: perl-HTML-FormFu-MultiForm Assignee: ppisar(a)redhat.com Reporter: ppisar(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: perl-devel(a)lists.fedoraproject.org, ppisar(a)redhat.com Blocks: 1927309 (F35FTBFS) Target Milestone: --- Classification: Fedora perl-HTML-FormFu-MultiForm-1.03-12.fc35 fails to build in Fedora 35 because the test fail like this: t/00-report-prereqs.t ........................ ok t/multiform-misc-file-client-side.t .......... skipped: CGI tmp_upload_dir functionality makes this unusable on modern versions Couldn't load Crypt::Cipher::AES: Can't locate Crypt/Cipher/AES.pm in @INC (you may need to install the Crypt::Cipher::AES module) (@INC contains: /builddir/build/BUILD/HTML-FormFu-MultiForm-1.03/blib/lib /builddir/build/BUILD/HTML-FormFu-MultiForm-1.03/blib/arch /usr/local/lib64/perl5/5.32 /usr/local/share/perl5/5.32 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at (eval 465) line 1. at /builddir/build/BUILD/HTML-FormFu-MultiForm-1.03/blib/lib/HTML/FormFu/MultiForm.pm line 464. # Looks like your test exited with 2 just after 3. t/multiform-misc/accessors.t ................. Dubious, test returned 2 (wstat 512, 0x200) Failed 3/6 subtests A difference between passing and failing build root is at <https://koschei.fedoraproject.org/build/9825761>. An upgrade of perl-Crypt-CBC from 2.33-30.fc34 to 3.01-1.fc34 looks suspicious. Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1927309 [Bug 1927309] Fedora 35 FTBFS Tracker -- You are receiving this mail because: You are on the CC list for the bug.

1 5

[Bug 1939427] New: perl-Dancer-Session-Cookie-0.30-11.fc35 FTBFS: WARNING: The key derivation method "opensslv1" is deprecated. Using -pbkdf=>'pbkdf2' would be better.
by bugzilla＠redhat.com 23 Mar '21

23 Mar '21

https://bugzilla.redhat.com/show_bug.cgi?id=1939427 Bug ID: 1939427 Summary: perl-Dancer-Session-Cookie-0.30-11.fc35 FTBFS: WARNING: The key derivation method "opensslv1" is deprecated. Using -pbkdf=>'pbkdf2' would be better. Product: Fedora Version: rawhide URL: https://koschei.fedoraproject.org/package/perl-Dancer- Session-Cookie Status: NEW Component: perl-Dancer-Session-Cookie Assignee: ppisar(a)redhat.com Reporter: ppisar(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: perl-devel(a)lists.fedoraproject.org, ppisar(a)redhat.com Blocks: 1927309 (F35FTBFS) Target Milestone: --- Classification: Fedora perl-Dancer-Session-Cookie-0.30-11.fc35 fails to build in Fedora 35 because a test fails: t/00-report-prereqs.t ........ ok # Failed test 'no warnings' # at /usr/share/perl5/vendor_perl/Test/Builder.pm line 193. # There were 2 warning(s) # Previous test 5 'Dancer::Session::Cookie->can(...)' # WARNING: The key derivation method "opensslv1" is deprecated. Using -pbkdf=>'pbkdf2' would be better. # Pass -nodeprecate=>1 to inhibit this message. # at /usr/share/perl5/vendor_perl/Session/Storage/Secure.pm line 213. # at /usr/share/perl5/vendor_perl/Crypt/CBC.pm line 455. # Crypt::CBC::_deprecation_warning(Crypt::CBC=HASH(0x15fbcf2b0)) called at /usr/share/perl5/vendor_perl/Crypt/CBC.pm line 158 # Crypt::CBC::start(Crypt::CBC=HASH(0x15fbcf2b0), "encrypting") called at /usr/share/perl5/vendor_perl/Crypt/CBC.pm line 125 # Crypt::CBC::encrypt(Crypt::CBC=HASH(0x15fbcf2b0), "=\x{f3}rl\x{4}\x{0}(*\x{1}bid&\$372223686496908815687397255954065325") called at /usr/share/perl5/vendor_perl/Session/Storage/Secure.pm line 213 # eval {...} called at /usr/share/perl5/vendor_perl/Session/Storage/Secure.pm line 212 # Session::Storage::Secure::encode(Session::Storage::Secure=HASH(0x15fb59f68), HASH(0x15e3e23f8)) called at /builddir/build/BUILD/Dancer-Session-Cookie-0.30/lib/Dancer/Session/Cookie.pm line 159 # Dancer::Session::Cookie::_cookie_value(Dancer::Session::Cookie=HASH(0x15e3dc7f0)) called at t/01-session.t line 32 # # ---------- # Previous test 6 'cookie value is defined' # WARNING: The key derivation method "opensslv1" is deprecated. Using -pbkdf=>'pbkdf2' would be better. # Pass -nodeprecate=>1 to inhibit this message. # at /usr/share/perl5/vendor_perl/Session/Storage/Secure.pm line 213. # at /usr/share/perl5/vendor_perl/Crypt/CBC.pm line 455. # Crypt::CBC::_deprecation_warning(Crypt::CBC=HASH(0x15fbddfd0)) called at /usr/share/perl5/vendor_perl/Crypt/CBC.pm line 158 # Crypt::CBC::start(Crypt::CBC=HASH(0x15fbddfd0), "encrypting") called at /usr/share/perl5/vendor_perl/Crypt/CBC.pm line 125 # Crypt::CBC::encrypt(Crypt::CBC=HASH(0x15fbddfd0), "=\x{f3}rl\x{4}\x{0}(*\x{2}cbarcbazbid&\$372223686496908815687397255954065325") called at /usr/share/perl5/vendor_perl/Session/Storage/Secure.pm line 213 # eval {...} called at /usr/share/perl5/vendor_perl/Session/Storage/Secure.pm line 212 # Session::Storage::Secure::encode(Session::Storage::Secure=HASH(0x15fb59f68), HASH(0x15fc17708)) called at /builddir/build/BUILD/Dancer-Session-Cookie-0.30/lib/Dancer/Session/Cookie.pm line 159 # Dancer::Session::Cookie::_cookie_value(Dancer::Session::Cookie=HASH(0x15e3dc7f0)) called at t/01-session.t line 35 # # Looks like you failed 1 test of 11. t/01-session.t ............... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/11 subtests A difference between passing and failing build root is at <https://koschei.fedoraproject.org/build/9922722>. An upgrade of perl-Crypt-CBC from 2.33-30.fc34 to 3.01-1.fc35 Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1927309 [Bug 1927309] Fedora 35 FTBFS Tracker -- You are receiving this mail because: You are on the CC list for the bug.

1 6

[Bug 1939683] New: perl-MooseX-Getopt-0.75 is available
by bugzilla＠redhat.com 22 Mar '21

22 Mar '21

https://bugzilla.redhat.com/show_bug.cgi?id=1939683 Bug ID: 1939683 Summary: perl-MooseX-Getopt-0.75 is available Product: Fedora Version: rawhide Status: NEW Component: perl-MooseX-Getopt Keywords: FutureFeature, Triaged Assignee: emmanuel(a)seyman.fr Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: emmanuel(a)seyman.fr, iarnell(a)gmail.com, paul(a)city-fan.org, perl-devel(a)lists.fedoraproject.org Target Milestone: --- Classification: Fedora Latest upstream release: 0.75 Current version/release in rawhide: 0.74-11.fc34 URL: http://search.cpan.org/dist/MooseX-Getopt/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/10663/ -- You are receiving this mail because: You are on the CC list for the bug.

1 5

[Bug 1939044] New: perl-DateTime-Format-Pg-0.16014 is available
by bugzilla＠redhat.com 22 Mar '21

22 Mar '21

https://bugzilla.redhat.com/show_bug.cgi?id=1939044 Bug ID: 1939044 Summary: perl-DateTime-Format-Pg-0.16014 is available Product: Fedora Version: rawhide Status: NEW Component: perl-DateTime-Format-Pg Keywords: FutureFeature, Triaged Assignee: jplesnik(a)redhat.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: iarnell(a)gmail.com, jplesnik(a)redhat.com, perl-devel(a)lists.fedoraproject.org, wfp5p(a)worldbroken.com Target Milestone: --- Classification: Fedora Latest upstream release: 0.16014 Current version/release in rawhide: 0.16013-13.fc34 URL: http://search.cpan.org/dist/DateTime-Format-Pg/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/7087/ -- You are receiving this mail because: You are on the CC list for the bug.

1 4

[Bug 1933843] New: Please add perl-Net-SMTPS to epel8
by bugzilla＠redhat.com 22 Mar '21

22 Mar '21

https://bugzilla.redhat.com/show_bug.cgi?id=1933843 Bug ID: 1933843 Summary: Please add perl-Net-SMTPS to epel8 Product: Fedora EPEL Version: epel8 Status: NEW Component: perl-Net-SMTPS Severity: low Assignee: emmanuel(a)seyman.fr Reporter: mvanwinkle(a)ias.edu QA Contact: extras-qa(a)fedoraproject.org CC: emmanuel(a)seyman.fr, perl-devel(a)lists.fedoraproject.org Target Milestone: --- Classification: Fedora Description of problem: Please add this package to epel8 . I'm pretty sure it was in el7. Additional info: I use this for email things. Thanks -- You are receiving this mail because: You are on the CC list for the bug.

1 5

[Bug 1941361] New: perl-Moo-2.005003 is available
by bugzilla＠redhat.com 21 Mar '21

21 Mar '21

https://bugzilla.redhat.com/show_bug.cgi?id=1941361 Bug ID: 1941361 Summary: perl-Moo-2.005003 is available Product: Fedora Version: rawhide Status: NEW Component: perl-Moo Keywords: FutureFeature, Triaged Assignee: emmanuel(a)seyman.fr Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: emmanuel(a)seyman.fr, iarnell(a)gmail.com, perl-devel(a)lists.fedoraproject.org Target Milestone: --- Classification: Fedora Latest upstream release: 2.005003 Current version/release in rawhide: 2.004004-2.fc34 URL: http://search.cpan.org/dist/Moo/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/3123/ -- You are receiving this mail because: You are on the CC list for the bug.

1 1

[Bug 1939434] New: perl-MooseX-App-Cmd-0.32-16.fc35 FTBFS: Failed test 'Internal hashes match' at t/build_emulates_new.t line 16.
by bugzilla＠redhat.com 21 Mar '21

21 Mar '21

https://bugzilla.redhat.com/show_bug.cgi?id=1939434 Bug ID: 1939434 Summary: perl-MooseX-App-Cmd-0.32-16.fc35 FTBFS: Failed test 'Internal hashes match' at t/build_emulates_new.t line 16. Product: Fedora Version: rawhide URL: https://koschei.fedoraproject.org/package/perl-MooseX- App-Cmd Status: NEW Component: perl-MooseX-App-Cmd Assignee: emmanuel(a)seyman.fr Reporter: ppisar(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: emmanuel(a)seyman.fr, iarnell(a)gmail.com, perl-devel(a)lists.fedoraproject.org Blocks: 1927309 (F35FTBFS) Target Milestone: --- Classification: Fedora perl-MooseX-App-Cmd-0.32-16.fc35 fails to build in Fedora 35 because a test fails: t/basic.t ............... ok # Failed test 'Internal hashes match' # at t/build_emulates_new.t line 16. # Structures begin differing at: # $got->{plugin_search_path}[0] = 'Bar::Command' # $expected->{plugin_search_path}[0] = 'Foo::Command' # Looks like you failed 1 test of 1. t/build_emulates_new.t .. Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests A difference between passing and failing build root is at <https://koschei.fedoraproject.org/build/10059536>. Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1927309 [Bug 1927309] Fedora 35 FTBFS Tracker -- You are receiving this mail because: You are on the CC list for the bug.

1 2

[Bug 1938391] New: perl-App-Cmd-0.332 is available
by bugzilla＠redhat.com 21 Mar '21

21 Mar '21

https://bugzilla.redhat.com/show_bug.cgi?id=1938391 Bug ID: 1938391 Summary: perl-App-Cmd-0.332 is available Product: Fedora Version: rawhide Status: NEW Component: perl-App-Cmd Keywords: FutureFeature, Triaged Assignee: emmanuel(a)seyman.fr Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: emmanuel(a)seyman.fr, perl-devel(a)lists.fedoraproject.org Target Milestone: --- Classification: Fedora Latest upstream release: 0.332 Current version/release in rawhide: 0.331-15.fc34 URL: http://search.cpan.org/dist/App-Cmd/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/7401/ -- You are receiving this mail because: You are on the CC list for the bug.

1 2

[Bug 1939292] New: perl-Dancer2-0.301000 is available
by bugzilla＠redhat.com 21 Mar '21

21 Mar '21

https://bugzilla.redhat.com/show_bug.cgi?id=1939292 Bug ID: 1939292 Summary: perl-Dancer2-0.301000 is available Product: Fedora Version: rawhide Status: NEW Component: perl-Dancer2 Keywords: FutureFeature, Triaged Assignee: emmanuel(a)seyman.fr Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: emmanuel(a)seyman.fr, perl-devel(a)lists.fedoraproject.org Target Milestone: --- Classification: Fedora Latest upstream release: 0.301000 Current version/release in rawhide: 0.300005-1.fc34 URL: http://search.cpan.org/dist/Dancer2 Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from anitya: https://release-monitoring.org/project/5847/ -- You are receiving this mail because: You are on the CC list for the bug.

1 2

← Newer
1
...
18
19
20
21
22
23
24
...
29
Older →

Jump to page:

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

perl-devel March 2021