perl-devel September 2024

perl-devel@lists.fedoraproject.org

3 participants
381 discussions

[Bug 2269568] New: CVE-2024-2467 perl-Crypt-OpenSSL-RSA: side-channel attack in PKCS#1 v1.5 padding mode (Marvin Attack) [fedora-all]
by bugzilla＠redhat.com 27 Jun '25

27 Jun '25

https://bugzilla.redhat.com/show_bug.cgi?id=2269568 Bug ID: 2269568 Summary: CVE-2024-2467 perl-Crypt-OpenSSL-RSA: side-channel attack in PKCS#1 v1.5 padding mode (Marvin Attack) [fedora-all] Product: Fedora Version: 39 Status: NEW Component: perl-Crypt-OpenSSL-RSA Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: wjhns174(a)hardakers.net Reporter: mcascell(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: perl-devel(a)lists.fedoraproject.org, wjhns174(a)hardakers.net Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: http://bugzilla.redhat.com/show_bug.cgi?id=2269567 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2269568 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 22

[Bug 1923909] New: Upgrade perl-Tree-DAG_Node to 1.32
by bugzilla＠redhat.com 27 Jun '25

27 Jun '25

https://bugzilla.redhat.com/show_bug.cgi?id=1923909 Bug ID: 1923909 Summary: Upgrade perl-Tree-DAG_Node to 1.32 Product: Fedora Version: rawhide Status: NEW Component: perl-Tree-DAG_Node Assignee: spotrh(a)gmail.com Reporter: jplesnik(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: jose.p.oliveira.oss(a)gmail.com, paul(a)city-fan.org, perl-devel(a)lists.fedoraproject.org, spotrh(a)gmail.com Target Milestone: --- Classification: Fedora Latest Fedora delivers 1.31 version. Upstream released 1.32. When you have free time, please upgrade it. -- You are receiving this mail because: You are on the CC list for the bug.

1 2

[Bug 2283360] New: F41FailsToInstall: asciio, perl-App-Asciio
by bugzilla＠redhat.com 25 Jun '25

25 Jun '25

https://bugzilla.redhat.com/show_bug.cgi?id=2283360 Bug ID: 2283360 Summary: F41FailsToInstall: asciio, perl-App-Asciio Product: Fedora Version: rawhide Status: NEW Component: perl-App-Asciio Assignee: emmanuel(a)seyman.fr Reporter: fti-bugs(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: emmanuel(a)seyman.fr, perl-devel(a)lists.fedoraproject.org Blocks: 2260877 (F41FailsToInstall,RAWHIDEFailsToInstall) Target Milestone: --- Classification: Fedora Hello, Please note that this comment was generated automatically by https://pagure.io/releng/blob/main/f/scripts/ftbfs-fti/follow-policy.py If you feel that this output has mistakes, please open an issue at https://pagure.io/releng/ Your package (perl-App-Asciio) Fails To Install in Fedora 41: can't install asciio: - nothing provides perl(App::Asciio::Text::Asciio) needed by asciio-1.90.02-1.fc41.noarch - nothing provides perl(Term::TermKey) needed by asciio-1.90.02-1.fc41.noarch can't install perl-App-Asciio: - nothing provides perl(App::Asciio::GTK::Asciio::stripes::angled_arrow) needed by perl-App-Asciio-1.90.02-1.fc41.noarch - nothing provides perl(App::Asciio::GTK::Asciio::stripes::editable_exec_box) needed by perl-App-Asciio-1.90.02-1.fc41.noarch - nothing provides perl(App::Asciio::GTK::Asciio::stripes::ellipse) needed by perl-App-Asciio-1.90.02-1.fc41.noarch - nothing provides perl(App::Asciio::GTK::Asciio::stripes::rhombus) needed by perl-App-Asciio-1.90.02-1.fc41.noarch - nothing provides perl(App::Asciio::GTK::Asciio::stripes::section_wirl_arrow) needed by perl-App-Asciio-1.90.02-1.fc41.noarch - nothing provides perl(App::Asciio::Text::Asciio::Dialogs) needed by perl-App-Asciio-1.90.02-1.fc41.noarch - nothing provides perl(App::Asciio::Text::Asciio::Menues) needed by perl-App-Asciio-1.90.02-1.fc41.noarch - nothing provides perl(App::Asciio::Text::Asciio::stripes::editable_arrow2) needed by perl-App-Asciio-1.90.02-1.fc41.noarch - nothing provides perl(App::Asciio::Text::Asciio::stripes::editable_box2) needed by perl-App-Asciio-1.90.02-1.fc41.noarch - nothing provides perl(App::Asciio::Text::Asciio::stripes::editable_exec_box) needed by perl-App-Asciio-1.90.02-1.fc41.noarch - nothing provides perl(App::Asciio::Text::Asciio::stripes::section_wirl_arrow) needed by perl-App-Asciio-1.90.02-1.fc41.noarch - nothing provides perl(App::Asciio::Text::Asciio::stripes::wirl_arrow) needed by perl-App-Asciio-1.90.02-1.fc41.noarch If you know about this problem and are planning on fixing it, please acknowledge so by setting the bug status to ASSIGNED. If you don't have time to maintain this package, consider orphaning it, so maintainers of dependent packages realize the problem. If you don't react accordingly to the policy for FTBFS/FTI bugs (https://docs.fedoraproject.org/en-US/fesco/Fails_to_build_from_source_Fails…) your package may be orphaned in 8+ weeks. P.S. The data was generated solely from koji buildroot, so it might be newer than the latest compose or the content on mirrors. To reproduce, use the koji/local repo only, e.g. in mock: $ mock -r fedora-41-x86_64 --config-opts mirrored=False install asciio perl-App-Asciio P.P.S. If this bug has been reported in the middle of upgrading multiple dependent packages, please consider using side tags: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/#updating-inter-d… Thanks! Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=2260877 [Bug 2260877] Fedora 41 Fails To install Tracker -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2283360 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 6

[Bug 2035273] New: CVE-2020-16156 perl-CPAN: allows Signature Verification Bypass
by bugzilla＠redhat.com 03 Jun '25

03 Jun '25

https://bugzilla.redhat.com/show_bug.cgi?id=2035273 Bug ID: 2035273 Summary: CVE-2020-16156 perl-CPAN: allows Signature Verification Bypass Product: Security Response Hardware: All OS: Linux Status: NEW Component: vulnerability Keywords: Security Severity: medium Priority: medium Assignee: security-response-team(a)redhat.com Reporter: mrehak(a)redhat.com CC: caswilli(a)redhat.com, hhorak(a)redhat.com, jorton(a)redhat.com, jplesnik(a)redhat.com, kaycoth(a)redhat.com, mspacek(a)redhat.com, perl-devel(a)lists.fedoraproject.org, perl-maint-list(a)redhat.com, ppisar(a)redhat.com Target Milestone: --- Classification: Other It was found that cpan and cpanm are vulnerable to a signature verification bypass. Additionally, CPAN::Checksums (used by PAUSE) does not uniquely identify packages in the signed CHECKSUMS file, enabling a supply chain attack. Reference: https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/ -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2035273

1 16

[Bug 2305918] New: CVE-2024-23185 perl-Email-Address-XS: very large headers can cause resource exhaustion when parsing message [fedora-all]
by bugzilla＠redhat.com 20 May '25

20 May '25

https://bugzilla.redhat.com/show_bug.cgi?id=2305918 Bug ID: 2305918 Summary: CVE-2024-23185 perl-Email-Address-XS: very large headers can cause resource exhaustion when parsing message [fedora-all] Product: Fedora Version: 40 Status: NEW Whiteboard: {"flaws": ["3477a34a-f4c8-488a-a933-f8ea1c702a4e"]} Component: perl-Email-Address-XS Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: jplesnik(a)redhat.com Reporter: mbenatto(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: jplesnik(a)redhat.com, perl-devel(a)lists.fedoraproject.org Blocks: 2305910 (CVE-2024-23185) Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=2305910 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=2305910 [Bug 2305910] CVE-2024-23185 dovecot: very large headers can cause resource exhaustion when parsing message -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2305918 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 4

[Bug 2261445] New: perl-Authen-Krb5-Admin: FTBFS in Fedora rawhide/f40
by bugzilla＠redhat.com 16 May '25

16 May '25

https://bugzilla.redhat.com/show_bug.cgi?id=2261445 Bug ID: 2261445 Summary: perl-Authen-Krb5-Admin: FTBFS in Fedora rawhide/f40 Product: Fedora Version: rawhide Status: NEW Component: perl-Authen-Krb5-Admin Assignee: chkr(a)plauener.de Reporter: releng(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: chkr(a)plauener.de, perl-devel(a)lists.fedoraproject.org Blocks: 2231791 (F40FTBFS) Target Milestone: --- Classification: Fedora perl-Authen-Krb5-Admin failed to build from source in Fedora rawhide/f40 https://koji.fedoraproject.org/koji/taskinfo?taskID=112340152 For details on the mass rebuild see: https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild Please fix perl-Authen-Krb5-Admin at your earliest convenience and set the bug's status to ASSIGNED when you start fixing it. If the bug remains in NEW state for 8 weeks, perl-Authen-Krb5-Admin will be orphaned. Before branching of Fedora 41, perl-Authen-Krb5-Admin will be retired, if it still fails to build. For more details on the FTBFS policy, please visit: https://docs.fedoraproject.org/en-US/fesco/Fails_to_build_from_source_Fails… Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=2231791 [Bug 2231791] Fedora 40 FTBFS Tracker -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2261445 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 9

[Bug 2259166] New: perl-PDF-Haru-1.00-42.fc40 FTBFS: Haru.xs:1195:44: error: passing argument 2 of ‘HPDF_Page_SetDash’ from incompatible pointer type
by bugzilla＠redhat.com 16 May '25

16 May '25

https://bugzilla.redhat.com/show_bug.cgi?id=2259166 Bug ID: 2259166 Summary: perl-PDF-Haru-1.00-42.fc40 FTBFS: Haru.xs:1195:44: error: passing argument 2 of ‘HPDF_Page_SetDash’ from incompatible pointer type Product: Fedora Version: rawhide URL: https://koschei.fedoraproject.org/package/perl-PDF-Har u Status: NEW Component: perl-PDF-Haru Assignee: robinlee.sysu(a)gmail.com Reporter: ppisar(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: perl-devel(a)lists.fedoraproject.org, robinlee.sysu(a)gmail.com Blocks: 2231791 (F40FTBFS,RAWHIDEFTBFS) Target Milestone: --- Classification: Fedora perl-PDF-Haru-1.00-42.fc40 fails to build in Fedora 40: gcc -c -I. -D_REENTRANT -D_GNU_SOURCE -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -fwrapv -fno-strict-aliasing -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DVERSION=\"1.00\" -DXS_VERSION=\"1.00\" -fPIC "-I/usr/lib64/perl5/CORE" Haru.c Haru.xs: In function ‘XS_PDF__Haru__Page_SetDash’: Haru.xs:1195:44: error: passing argument 2 of ‘HPDF_Page_SetDash’ from incompatible pointer type [-Wincompatible-pointer-types] 1195 | RETVAL = HPDF_Page_SetDash (page, ptn, num_elem + 1, phase); | ^~~ | | | HPDF_UINT16 * {aka short unsigned int *} In file included from Haru.xs:5: /usr/include/hpdf.h:1192:39: note: expected ‘const HPDF_REAL *’ {aka ‘const float *’} but argument is of type ‘HPDF_UINT16 *’ {aka ‘short unsigned int *’} 1192 | const HPDF_REAL *dash_ptn, | ~~~~~~~~~~~~~~~~~~^~~~~~~~ A difference between passing and failing build roots is at <https://koschei.fedoraproject.org/build/17079758>. This failure is probably triggered by upgrading gcc from 13.2.1-6.fc40 to 14.0.1-0.1.fc40. Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=2231791 [Bug 2231791] Fedora 40 FTBFS Tracker -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2259166 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 3

[Bug 2257106] New: F40FailsToInstall: perl-WWW-Google-Contacts
by bugzilla＠redhat.com 16 May '25

16 May '25

https://bugzilla.redhat.com/show_bug.cgi?id=2257106 Bug ID: 2257106 Summary: F40FailsToInstall: perl-WWW-Google-Contacts Product: Fedora Version: rawhide Status: NEW Component: perl-WWW-Google-Contacts Assignee: avibrazil(a)gmail.com Reporter: fti-bugs(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: avibrazil(a)gmail.com, perl-devel(a)lists.fedoraproject.org Blocks: 2231790 (F40FailsToInstall,RAWHIDEFailsToInstall) Target Milestone: --- Classification: Fedora Hello, Please note that this comment was generated automatically by https://pagure.io/releng/blob/main/f/scripts/ftbfs-fti/follow-policy.py If you feel that this output has mistakes, please open an issue at https://pagure.io/releng/ Your package (perl-WWW-Google-Contacts) Fails To Install in Fedora 40: can't install perl-WWW-Google-Contacts: - nothing provides perl(Net::Google::AuthSub) needed by perl-WWW-Google-Contacts-0.39-23.fc39.noarch If you know about this problem and are planning on fixing it, please acknowledge so by setting the bug status to ASSIGNED. If you don't have time to maintain this package, consider orphaning it, so maintainers of dependent packages realize the problem. If you don't react accordingly to the policy for FTBFS/FTI bugs (https://docs.fedoraproject.org/en-US/fesco/Fails_to_build_from_source_Fails…) your package may be orphaned in 8+ weeks. P.S. The data was generated solely from koji buildroot, so it might be newer than the latest compose or the content on mirrors. To reproduce, use the koji/local repo only, e.g. in mock: $ mock -r fedora-40-x86_64 --config-opts mirrored=False install perl-WWW-Google-Contacts P.P.S. If this bug has been reported in the middle of upgrading multiple dependent packages, please consider using side tags: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/#updating-inter-d… Thanks! Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=2231790 [Bug 2231790] Fedora 40 Fails To install Tracker -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2257106 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 7

[Bug 2314672] New: Outdated Version of ExifTool
by bugzilla＠redhat.com 07 May '25

07 May '25

https://bugzilla.redhat.com/show_bug.cgi?id=2314672 Bug ID: 2314672 Summary: Outdated Version of ExifTool Product: Fedora EPEL Version: epel9 Hardware: x86_64 OS: Linux Status: NEW Component: perl-Image-ExifTool Severity: urgent Assignee: spotrh(a)gmail.com Reporter: gabe(a)hugeimpact.com QA Contact: extras-qa(a)fedoraproject.org CC: perl-devel(a)lists.fedoraproject.org, spotrh(a)gmail.com Target Milestone: --- Classification: Fedora The current version of Image Exif Tool which is available though EPEL is 12.70.x which is outdated: https://rpms.remirepo.net/rpmphp/zoom.php?rpm=perl-Image-ExifTool The latest version of this library is 12.97: https://exiftool.org/ Please update the EPEL repo with the latest version of this tool -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2314672 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 8

[Bug 2296986] New: RPM scriptlet error upgrading to perl-Mail-SPF-3.20240617-1.fc40.noarch (alternatives)
by bugzilla＠redhat.com 30 Apr '25

30 Apr '25

https://bugzilla.redhat.com/show_bug.cgi?id=2296986 Bug ID: 2296986 Summary: RPM scriptlet error upgrading to perl-Mail-SPF-3.20240617-1.fc40.noarch (alternatives) Product: Fedora Version: 40 Hardware: x86_64 OS: Linux Status: NEW Component: perl-Mail-SPF Severity: medium Assignee: jplesnik(a)redhat.com Reporter: amessina(a)messinet.com QA Contact: extras-qa(a)fedoraproject.org CC: jpazdziora(a)redhat.com, jplesnik(a)redhat.com, perl-devel(a)lists.fedoraproject.org, steve(a)silug.org Target Milestone: --- Classification: Fedora Running scriptlet: perl-Mail-SPF-3.20240617-1.fc40.noarch failed to link /usr/bin/spfquery -> /etc/alternatives/spf: /usr/bin/spfquery exists and it is not a symlink Reproducible: Always -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2296986 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 7

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

perl-devel September 2024