perl-devel December 2024

perl-devel@lists.fedoraproject.org

2 participants
104 discussions

[Bug 2305915] New: CVE-2024-23185 perl-Email-Address-XS: very large headers can cause resource exhaustion when parsing message [epel-all]
by bugzilla＠redhat.com 11 Mar '25

11 Mar '25

https://bugzilla.redhat.com/show_bug.cgi?id=2305915 Bug ID: 2305915 Summary: CVE-2024-23185 perl-Email-Address-XS: very large headers can cause resource exhaustion when parsing message [epel-all] Product: Fedora EPEL Version: epel8 Status: NEW Whiteboard: {"flaws": ["3477a34a-f4c8-488a-a933-f8ea1c702a4e"]} Component: perl-Email-Address-XS Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: jplesnik(a)redhat.com Reporter: mbenatto(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: jplesnik(a)redhat.com, perl-devel(a)lists.fedoraproject.org Blocks: 2305910 (CVE-2024-23185) Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=2305910 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=2305910 [Bug 2305910] CVE-2024-23185 dovecot: very large headers can cause resource exhaustion when parsing message -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2305915 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 2

[Bug 2332241] New: CVE-2024-55918 perl-Graphics-ColorNames: HTML injection [fedora-41]
by bugzilla＠redhat.com 11 Mar '25

11 Mar '25

https://bugzilla.redhat.com/show_bug.cgi?id=2332241 Bug ID: 2332241 Summary: CVE-2024-55918 perl-Graphics-ColorNames: HTML injection [fedora-41] Product: Fedora Version: 41 Status: NEW Whiteboard: {"flaws": ["39c04a19-4932-4492-ba5e-9a8f0ae95fb4"]} Component: perl-Graphics-ColorNames Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: jplesnik(a)redhat.com Reporter: ahanwate(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: jplesnik(a)redhat.com, perl-devel(a)lists.fedoraproject.org, steve(a)silug.org Blocks: 2332239 Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=2332239 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2332241 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 2

[Bug 2335021] New: perl-App-Cmd-0.337 is available
by bugzilla＠redhat.com 02 Mar '25

02 Mar '25

https://bugzilla.redhat.com/show_bug.cgi?id=2335021 Bug ID: 2335021 Summary: perl-App-Cmd-0.337 is available Product: Fedora Version: rawhide Status: NEW Component: perl-App-Cmd Keywords: FutureFeature, Triaged Assignee: emmanuel(a)seyman.fr Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: emmanuel(a)seyman.fr, perl-devel(a)lists.fedoraproject.org Target Milestone: --- Classification: Fedora Releases retrieved: 0.337 Upstream release that is considered latest: 0.337 Current version/release in rawhide: 0.336-4.fc41 URL: https://metacpan.org/dist/App-Cmd Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/7401/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/perl-App-Cmd -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2335021 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 1

[Bug 2161639] New: Pregenerated File-RsyncP-0.76/FileList/configure is missing a source
by bugzilla＠redhat.com 25 Feb '25

25 Feb '25

https://bugzilla.redhat.com/show_bug.cgi?id=2161639 Bug ID: 2161639 Summary: Pregenerated File-RsyncP-0.76/FileList/configure is missing a source Product: Fedora Version: rawhide Status: NEW Component: perl-File-RsyncP Assignee: jplesnik(a)redhat.com Reporter: ppisar(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: imlinux+fedora(a)gmail.com, jplesnik(a)redhat.com, perl-devel(a)lists.fedoraproject.org Target Milestone: --- Link ID: Red Hat Bugzilla 199647 Classification: Fedora perl-File-RsyncP-0.76-10.fc38 source package delivers File-RsyncP-0.76/FileList/configure file which itsels was generated with Autoconf, but the original source for Autoconf tool (configure.in according to File-RsyncP-0.76/FileList/Makefile.PL is missing from the source archive and thus from the source package. While the file is licensed as FSFULL which does not require distributing sources, it is deemed to be against Fedora spirit (and Packaging guidelines?) <https://lists.fedoraproject.org/archives/list/packaging@lists.fedoraproject…>. We should either reimplement configure.in or remove this package from a distribution. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2161639

1 4

[Bug 2262785] New: Upgrade perl-Image-ExifTool to 12.76
by bugzilla＠redhat.com 18 Feb '25

18 Feb '25

https://bugzilla.redhat.com/show_bug.cgi?id=2262785 Bug ID: 2262785 Summary: Upgrade perl-Image-ExifTool to 12.76 Product: Fedora Version: rawhide URL: https://metacpan.org/release/Image-ExifTool Status: NEW Component: perl-Image-ExifTool Assignee: spotrh(a)gmail.com Reporter: jplesnik(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: perl-devel(a)lists.fedoraproject.org, spotrh(a)gmail.com Target Milestone: --- Classification: Fedora Latest Fedora delivers 12.70 version. Upstream released 12.76. When you have free time, please upgrade it. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2262785 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 2

[Bug 1765886] New: Please provide EPEL8 package
by bugzilla＠redhat.com 08 Feb '25

08 Feb '25

https://bugzilla.redhat.com/show_bug.cgi?id=1765886 Bug ID: 1765886 Summary: Please provide EPEL8 package Product: Fedora EPEL Version: epel8 Status: NEW Component: perl-LockFile-Simple Assignee: andreas(a)bawue.net Reporter: sergio(a)serjux.com QA Contact: extras-qa(a)fedoraproject.org CC: andreas(a)bawue.net, perl-devel(a)lists.fedoraproject.org Target Milestone: --- Classification: Fedora We need for some packages debmirror is the first [1] Thanks [1] https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2019-196c55d9bd -- You are receiving this mail because: You are on the CC list for the bug.

1 4

[Bug 1877444] New: perl-dbi: DBD::File drivers open files from folders other than specifically passed
by bugzilla＠redhat.com 06 Feb '25

06 Feb '25

https://bugzilla.redhat.com/show_bug.cgi?id=1877444 Bug ID: 1877444 Summary: perl-dbi: DBD::File drivers open files from folders other than specifically passed Product: Security Response Hardware: All OS: Linux Status: NEW Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: psampaio(a)redhat.com CC: caillon+fedoraproject(a)gmail.com, hhorak(a)redhat.com, john.j5live(a)gmail.com, jorton(a)redhat.com, jplesnik(a)redhat.com, kasal(a)ucw.cz, perl-devel(a)lists.fedoraproject.org, perl-maint-list(a)redhat.com, ppisar(a)redhat.com, rhughes(a)redhat.com, rstrode(a)redhat.com, sandmann(a)redhat.com Target Milestone: --- Classification: Other -- You are receiving this mail because: You are on the CC list for the bug.

1 9

[Bug 2271053] New: biber-2.20 is available
by bugzilla＠redhat.com 03 Feb '25

03 Feb '25

https://bugzilla.redhat.com/show_bug.cgi?id=2271053 Bug ID: 2271053 Summary: biber-2.20 is available Product: Fedora Version: rawhide Status: NEW Component: biber Keywords: FutureFeature, Triaged Assignee: ppisar(a)redhat.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: cbm(a)m.fsf.org, code(a)musicinmybrain.net, jnovy(a)redhat.com, perl-devel(a)lists.fedoraproject.org, ppisar(a)redhat.com Target Milestone: --- Classification: Fedora Releases retrieved: 2.20 Upstream release that is considered latest: 2.20 Current version/release in rawhide: 2.19-5.fc40 URL: http://biblatex-biber.sourceforge.net/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/6443/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/biber -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2271053 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 7

[Bug 2334347] New: perl-Net-DNS-1.49 is available
by bugzilla＠redhat.com 28 Jan '25

28 Jan '25

https://bugzilla.redhat.com/show_bug.cgi?id=2334347 Bug ID: 2334347 Summary: perl-Net-DNS-1.49 is available Product: Fedora Version: rawhide Status: NEW Component: perl-Net-DNS Keywords: FutureFeature, Triaged Assignee: paul.wouters(a)aiven.io Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: kasal(a)ucw.cz, mspacek(a)redhat.com, paul.wouters(a)aiven.io, perl-devel(a)lists.fedoraproject.org, rstrode(a)redhat.com Target Milestone: --- Classification: Fedora Releases retrieved: 1.49 Upstream release that is considered latest: 1.49 Current version/release in rawhide: 1.48-1.fc42 URL: https://metacpan.org/dist/Net-DNS/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/3147/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/perl-Net-DNS -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2334347 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 5

[Bug 2332646] New: perl-YAML-Tiny-1.76 is available
by bugzilla＠redhat.com 21 Jan '25

21 Jan '25

https://bugzilla.redhat.com/show_bug.cgi?id=2332646 Bug ID: 2332646 Summary: perl-YAML-Tiny-1.76 is available Product: Fedora Version: rawhide Status: NEW Component: perl-YAML-Tiny Keywords: FutureFeature, Triaged Assignee: paul(a)city-fan.org Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: paul(a)city-fan.org, perl-devel(a)lists.fedoraproject.org, steve(a)silug.org Target Milestone: --- Classification: Fedora Releases retrieved: 1.76 Upstream release that is considered latest: 1.76 Current version/release in rawhide: 1.75-1.fc42 URL: http://search.cpan.org/dist/YAML-Tiny/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/3549/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/perl-YAML-Tiny -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2332646 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 3

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

perl-devel December 2024