perl-devel March 2025

perl-devel@lists.fedoraproject.org

2 participants
117 discussions

[Bug 2272636] New: perl-SDL-2.548-22.fc41 FTBFS: t/core_events.t fails
by bugzilla＠redhat.com 25 Apr '25

25 Apr '25

https://bugzilla.redhat.com/show_bug.cgi?id=2272636 Bug ID: 2272636 Summary: perl-SDL-2.548-22.fc41 FTBFS: t/core_events.t fails Product: Fedora Version: rawhide URL: https://koschei.fedoraproject.org/package/perl-SDL Status: NEW Component: perl-SDL Assignee: hdegoede(a)redhat.com Reporter: ppisar(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: hdegoede(a)redhat.com, perl-devel(a)lists.fedoraproject.org, ppisar(a)redhat.com Blocks: 2260875 (F41FTBFS,RAWHIDEFTBFS) Target Milestone: --- Classification: Fedora perl-SDL-2.548-22.fc41 fails to build in Fedora 41 because a test fails: t/core_error.t .................. ok Can't use an undefined value as a subroutine reference during global destruction. t/core_events.t ................. Dubious, test returned 22 (wstat 5632, 0x1600) All 697 subtests passed (less 1 skipped subtest: 696 okay) A difference between passing and failing build root is at <https://koschei.fedoraproject.org/build/17643376>. An upgrade of SDL2 from 2.28.5-3.fc40 to 2.30.1-1.fc41 is suspicious. Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=2260875 [Bug 2260875] Fedora 41 FTBFS Tracker -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2272636 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 10

[Bug 2230255] New: perl-HTTP-Tiny: a ton of new dependencies all of a sudden?
by bugzilla＠redhat.com 25 Apr '25

25 Apr '25

https://bugzilla.redhat.com/show_bug.cgi?id=2230255 Bug ID: 2230255 Summary: perl-HTTP-Tiny: a ton of new dependencies all of a sudden? Product: Fedora Version: 38 Hardware: All OS: Linux Status: NEW Component: perl-HTTP-Tiny Assignee: jplesnik(a)redhat.com Reporter: aros(a)gmx.com QA Contact: extras-qa(a)fedoraproject.org CC: jplesnik(a)redhat.com, mspacek(a)redhat.com, perl-devel(a)lists.fedoraproject.org, ppisar(a)redhat.com Target Milestone: --- Classification: Fedora Why does a new version of perl-HTTP-Tiny now depend on a ton of new Perl subpackages? Could this please be made optional? # dnf update perl-HTTP-Tiny Dependencies resolved. ================================================================================ Package Arch Version Repository Size ================================================================================ Upgrading: perl-HTTP-Tiny noarch 0.086-2.fc38 updates 55 k Installing dependencies: perl-AutoLoader noarch 5.74-497.fc38 updates 22 k perl-Digest noarch 1.20-490.fc38 fedora 25 k perl-Digest-MD5 x86_64 2.58-490.fc38 fedora 36 k perl-IO-Socket-IP noarch 0.41-492.fc38 fedora 41 k perl-IO-Socket-SSL noarch 2.081-1.fc38 fedora 227 k perl-Mozilla-CA noarch 20221114-2.fc38 fedora 12 k perl-Net-SSLeay x86_64 1.92-5.fc38 fedora 361 k perl-URI noarch 5.17-2.fc38 fedora 120 k perl-base noarch 2.27-497.fc38 updates 17 k perl-libnet noarch 3.15-1.fc38 fedora 128 k Transaction Summary ================================================================================ Install 10 Packages Upgrade 1 Package Total download size: 1.0 M Is this ok [y/N]: Operation aborted. This looks totally excessive and unnecessary. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2230255 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 13

[Bug 2074940] New: Remove usage of gethostbyname() and inet_addr() from perl-FCGI package
by bugzilla＠redhat.com 25 Apr '25

25 Apr '25

https://bugzilla.redhat.com/show_bug.cgi?id=2074940 Bug ID: 2074940 Summary: Remove usage of gethostbyname() and inet_addr() from perl-FCGI package Product: Fedora Version: rawhide Status: NEW Component: perl-FCGI Assignee: emmanuel(a)seyman.fr Reporter: mspacek(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: bstinson(a)redhat.com, emmanuel(a)seyman.fr, iarnell(a)gmail.com, jwboyer(a)redhat.com, mspacek(a)redhat.com, perl-devel(a)lists.fedoraproject.org, perl-maint-list(a)redhat.com, rhel-cs-apps-subsystem-qe(a)redhat.com Depends On: 1979848 Target Milestone: --- Classification: Fedora +++ This bug was initially created as a clone of Bug #1979848 +++ Description of problem: rpminspect is failing in gating Version-Release number of selected component (if applicable): perl-FCGI-0.79-7.el9 Actual results: Forbidden function symbols found: gethostbyname inet_addr Expected results: no forbidden functions Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=1979848 [Bug 1979848] Remove usage of gethostbyname() and inet_addr() from perl-FCGI package -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2074940

1 7

[Bug 2063919] New: Packages Perl tests should not generate Provides
by bugzilla＠redhat.com 25 Apr '25

25 Apr '25

https://bugzilla.redhat.com/show_bug.cgi?id=2063919 Bug ID: 2063919 Summary: Packages Perl tests should not generate Provides Product: Fedora Version: rawhide Status: NEW Component: perl-generators Assignee: jplesnik(a)redhat.com Reporter: ppisar(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: jplesnik(a)redhat.com, mspacek(a)redhat.com, perl-devel(a)lists.fedoraproject.org, ppisar(a)redhat.com Target Milestone: --- Classification: Fedora I noticed that packaged tests in /usr/libexec/... generates Provides because they are matched by perllib.attr: $ cat /usr/lib/rpm/fileattrs/perllib.attr %__perllib_provides %{_rpmconfigdir}/perl.prov %__perllib_requires %{_rpmconfigdir}/perl.req %__perllib_magic ^Perl[[:digit:]] module source.* %__perllib_path \\.pm$ %__perllib_flags magic_and_path I think they were meant to be only covered with perltest.attr: # cat /usr/lib/rpm/fileattrs/perltest.attr %__perltest_requires %{_rpmconfigdir}/perl.req %__perltest_magic ^.*[Pp]erl[[:digit:]]* .*$ %__perltest_path /usr/libexec/.*\\.(pl|pm|t)$ %__perltest_flags magic_and_path But perltest.attr is more similar to perl.attr, it's about scripts: $ cat /usr/lib/rpm/fileattrs/perl.attr %__perl_requires %{_rpmconfigdir}/perl.req %__perl_magic ^.*[Pp]erl .*$ %__perl_flags exeonly Would it be possible to change perllib.attr to match only files under /usr/{share,lib,lib64}/perl? Observed with perl-generators-1.13-5.fc36.noarch. (I find out that filtering those Provides with %__exclude_provides is a problem when the tests involve symlinks to modules in the main package. See perl-Module-Install-TestBase-tests-0.86-24.fc36 which erroneously provides perl(Module::Install::TestBase) <https://koji.fedoraproject.org/koji/buildinfo?buildID=1892296>. I will try to work it around on packaged file level in perl-Module-Install-TestBase.) -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2063919

1 4

[Bug 1666098] New: Overspecification in perl -MExtUtils::Embed -e ldopts
by bugzilla＠redhat.com 25 Apr '25

25 Apr '25

https://bugzilla.redhat.com/show_bug.cgi?id=1666098 Bug ID: 1666098 Summary: Overspecification in perl -MExtUtils::Embed -e ldopts Product: Fedora Version: rawhide Status: NEW Component: perl Assignee: jplesnik(a)redhat.com Reporter: bugs.michael(a)gmx.net QA Contact: extras-qa(a)fedoraproject.org CC: caillon+fedoraproject(a)gmail.com, iarnell(a)gmail.com, jplesnik(a)redhat.com, kasal(a)ucw.cz, mbarnes(a)fastmail.com, mmaslano(a)redhat.com, perl-devel(a)lists.fedoraproject.org, ppisar(a)redhat.com, psabata(a)redhat.com, rhughes(a)redhat.com, sandmann(a)redhat.com, tcallawa(a)redhat.com Target Milestone: --- Classification: Fedora The following command is supposed to return the ldflags that are needed to link with libperl. Instead, it returns everything that has been specified when building libperl itself. Not limited to Fedora's global flags and several libraries that aren't needed when linking shared. As a result, programs relink also with those libs instead of just libperl. $ perl -MExtUtils::Embed -e ldopts -Wl,--enable-new-dtags -Wl,-z,relro -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -Wl,-z,relro -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -fstack-protector-strong -L/usr/local/lib -L/usr/lib64/perl5/CORE -lperl -lpthread -lresolv -ldl -lm -lcrypt -lutil -lc Please clean up the flags and return only -L/usr/lib64/perl5/CORE -lperl. -- You are receiving this mail because: You are on the CC list for the bug.

1 11

[Bug 2355705] New: CVE-2024-13939 perl-String-Compare-ConstantTime: String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string [fedora-41]
by bugzilla＠redhat.com 17 Apr '25

17 Apr '25

https://bugzilla.redhat.com/show_bug.cgi?id=2355705 Bug ID: 2355705 Summary: CVE-2024-13939 perl-String-Compare-ConstantTime: String::Compare::ConstantTime for Perl through 0.321 is vulnerable to timing attacks that allow an attacker to guess the length of a secret string [fedora-41] Product: Fedora Version: 41 Status: NEW Whiteboard: {"flaws": ["da725ec8-9b41-4a44-8936-c21c330ab0cf"]} Component: perl-String-Compare-ConstantTime Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: ppisar(a)redhat.com Reporter: ahanwate(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: jplesnik(a)redhat.com, perl-devel(a)lists.fedoraproject.org, ppisar(a)redhat.com Blocks: 2355663 Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=2355663 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2355705 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 3

[Bug 2355245] New: CVE-2025-27552 perl-DBIx-Class-EncodedColumn: DBIx::Class::EncodedColumn until 0.00032 for Perl uses insecure rand() function for salting password hashes in Crypt/Eksblowfish/Bcrypt.pm [fedora-41]
by bugzilla＠redhat.com 15 Apr '25

15 Apr '25

https://bugzilla.redhat.com/show_bug.cgi?id=2355245 Bug ID: 2355245 Summary: CVE-2025-27552 perl-DBIx-Class-EncodedColumn: DBIx::Class::EncodedColumn until 0.00032 for Perl uses insecure rand() function for salting password hashes in Crypt/Eksblowfish/Bcrypt.pm [fedora-41] Product: Fedora Version: 41 Status: NEW Whiteboard: {"flaws": ["c7185397-7db4-4534-a645-2ac875052cf1"]} Component: perl-DBIx-Class-EncodedColumn Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: jplesnik(a)redhat.com Reporter: ahanwate(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: iarnell(a)gmail.com, jplesnik(a)redhat.com, perl-devel(a)lists.fedoraproject.org Blocks: 2355041 Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=2355041 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2355245 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 2

[Bug 2355243] New: CVE-2025-27551 perl-DBIx-Class-EncodedColumn: DBIx::Class::EncodedColumn until 0.00032 for Perl uses insecure rand() function for salting password hashes in Digest.pm [fedora-41]
by bugzilla＠redhat.com 15 Apr '25

15 Apr '25

https://bugzilla.redhat.com/show_bug.cgi?id=2355243 Bug ID: 2355243 Summary: CVE-2025-27551 perl-DBIx-Class-EncodedColumn: DBIx::Class::EncodedColumn until 0.00032 for Perl uses insecure rand() function for salting password hashes in Digest.pm [fedora-41] Product: Fedora Version: 41 Status: NEW Whiteboard: {"flaws": ["900c86bc-36d1-4941-89a7-d095f888098d"]} Component: perl-DBIx-Class-EncodedColumn Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: jplesnik(a)redhat.com Reporter: ahanwate(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: iarnell(a)gmail.com, jplesnik(a)redhat.com, perl-devel(a)lists.fedoraproject.org Blocks: 2355043 Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=2355043 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2355243 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 3

[Bug 2350982] New: perl-OpenGL-0.7001 is available
by bugzilla＠redhat.com 14 Apr '25

14 Apr '25

https://bugzilla.redhat.com/show_bug.cgi?id=2350982 Bug ID: 2350982 Summary: perl-OpenGL-0.7001 is available Product: Fedora Version: rawhide Status: NEW Component: perl-OpenGL Keywords: FutureFeature, Triaged Assignee: lkundrak(a)v3.sk Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: jplesnik(a)redhat.com, lkundrak(a)v3.sk, perl-devel(a)lists.fedoraproject.org Target Milestone: --- Classification: Fedora Releases retrieved: 0.7001 Upstream release that is considered latest: 0.7001 Current version/release in rawhide: 0.7000-30.fc42 URL: http://search.cpan.org/dist/OpenGL/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/3179/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/perl-OpenGL -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2350982 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 16

[Bug 2355807] New: perl-Data-Float-0.014 is available
by bugzilla＠redhat.com 11 Apr '25

11 Apr '25

https://bugzilla.redhat.com/show_bug.cgi?id=2355807 Bug ID: 2355807 Summary: perl-Data-Float-0.014 is available Product: Fedora Version: rawhide Status: NEW Component: perl-Data-Float Keywords: FutureFeature, Triaged Assignee: ppisar(a)redhat.com Reporter: upstream-release-monitoring(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: perl-devel(a)lists.fedoraproject.org, ppisar(a)redhat.com Target Milestone: --- Classification: Fedora Releases retrieved: 0.014 Upstream release that is considered latest: 0.014 Current version/release in rawhide: 0.013-23.fc42 URL: http://search.cpan.org/dist/Data-Float/ Please consult the package updates policy before you issue an update to a stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/ More information about the service that created this bug can be found at: https://docs.fedoraproject.org/en-US/package-maintainers/Upstream_Release_M… Please keep in mind that with any upstream change, there may also be packaging changes that need to be made. Specifically, please remember that it is your responsibility to review the new version to ensure that the licensing is still correct and that no non-free or legally problematic items have been added upstream. Based on the information from Anitya: https://release-monitoring.org/project/2763/ To change the monitoring settings for the project, please visit: https://src.fedoraproject.org/rpms/perl-Data-Float -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2355807 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 22

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

perl-devel March 2025