perl-devel April 2025

perl-devel@lists.fedoraproject.org

2 participants
109 discussions

[Bug 2355244] New: CVE-2025-27552 perl-DBIx-Class-EncodedColumn: DBIx::Class::EncodedColumn until 0.00032 for Perl uses insecure rand() function for salting password hashes in Crypt/Eksblowfish/Bcrypt.pm [fedora-40]
by bugzilla＠redhat.com 22 May '25

22 May '25

https://bugzilla.redhat.com/show_bug.cgi?id=2355244 Bug ID: 2355244 Summary: CVE-2025-27552 perl-DBIx-Class-EncodedColumn: DBIx::Class::EncodedColumn until 0.00032 for Perl uses insecure rand() function for salting password hashes in Crypt/Eksblowfish/Bcrypt.pm [fedora-40] Product: Fedora Version: 40 Status: NEW Whiteboard: {"flaws": ["c7185397-7db4-4534-a645-2ac875052cf1"]} Component: perl-DBIx-Class-EncodedColumn Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: jplesnik(a)redhat.com Reporter: ahanwate(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: iarnell(a)gmail.com, jplesnik(a)redhat.com, perl-devel(a)lists.fedoraproject.org Blocks: 2355041 Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=2355041 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2355244 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 2

[Bug 2355242] New: CVE-2025-27551 perl-DBIx-Class-EncodedColumn: DBIx::Class::EncodedColumn until 0.00032 for Perl uses insecure rand() function for salting password hashes in Digest.pm [fedora-40]
by bugzilla＠redhat.com 22 May '25

22 May '25

https://bugzilla.redhat.com/show_bug.cgi?id=2355242 Bug ID: 2355242 Summary: CVE-2025-27551 perl-DBIx-Class-EncodedColumn: DBIx::Class::EncodedColumn until 0.00032 for Perl uses insecure rand() function for salting password hashes in Digest.pm [fedora-40] Product: Fedora Version: 40 Status: NEW Whiteboard: {"flaws": ["900c86bc-36d1-4941-89a7-d095f888098d"]} Component: perl-DBIx-Class-EncodedColumn Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: jplesnik(a)redhat.com Reporter: ahanwate(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: iarnell(a)gmail.com, jplesnik(a)redhat.com, perl-devel(a)lists.fedoraproject.org Blocks: 2355043 Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=2355043 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2355242 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 2

[Bug 2332242] New: CVE-2024-55918 perl-Graphics-ColorNames: HTML injection [fedora-40]
by bugzilla＠redhat.com 22 May '25

22 May '25

https://bugzilla.redhat.com/show_bug.cgi?id=2332242 Bug ID: 2332242 Summary: CVE-2024-55918 perl-Graphics-ColorNames: HTML injection [fedora-40] Product: Fedora Version: 40 Status: NEW Whiteboard: {"flaws": ["39c04a19-4932-4492-ba5e-9a8f0ae95fb4"]} Component: perl-Graphics-ColorNames Keywords: Security, SecurityTracking Severity: medium Priority: medium Assignee: jplesnik(a)redhat.com Reporter: ahanwate(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: jplesnik(a)redhat.com, perl-devel(a)lists.fedoraproject.org, steve(a)silug.org Blocks: 2332239 Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=2332239 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2332242 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 4

[Bug 2316684] New: Request for packaging of Perl module Mail::DMARC
by bugzilla＠redhat.com 21 May '25

21 May '25

https://bugzilla.redhat.com/show_bug.cgi?id=2316684 Bug ID: 2316684 Summary: Request for packaging of Perl module Mail::DMARC Product: Fedora Version: 40 OS: Linux Status: NEW Component: perl Severity: medium Assignee: jplesnik(a)redhat.com Reporter: thom.jeera(a)proton.me QA Contact: extras-qa(a)fedoraproject.org CC: iarnell(a)gmail.com, jplesnik(a)redhat.com, kasal(a)ucw.cz, mmaslano(a)redhat.com, mspacek(a)redhat.com, perl-devel(a)lists.fedoraproject.org, ppisar(a)redhat.com, psabata(a)redhat.com, rhughes(a)redhat.com, spotrh(a)gmail.com Target Milestone: --- Classification: Fedora spamassassin DMARC plugin (Mail::SpamAssassin::Plugin::DMARC, one of the default plugins) requires this module. Error messages (reduced): Oct 5 16:20:09.892 [1302135] dbg: plugin: loading Mail::SpamAssassin::Plugin::DMARC from @INC ... Oct 5 16:20:11.810 [1302135] dbg: DMARC: cannot load Mail::DMARC::PurePerl: module: Can't locate Mail/DMARC/PurePerl.pm in @INC (you may need to install the Mail::DMARC::PurePerl module) ... Oct 5 16:20:11.810 [1302135] dbg: DMARC: Mail::DMARC::PurePerl is required for DMARC checks, DMARC checks disabled Reproducible: Always -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2316684 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 6

[Bug 2316236] New: slic3r no longer opens properly and cannot manipulate stl images
by bugzilla＠redhat.com 20 May '25

20 May '25

https://bugzilla.redhat.com/show_bug.cgi?id=2316236 Bug ID: 2316236 Summary: slic3r no longer opens properly and cannot manipulate stl images Product: Fedora Version: 40 Hardware: x86_64 OS: Linux Status: NEW Component: slic3r Keywords: Regression Severity: high Assignee: mhroncok(a)redhat.com Reporter: sandhillsinvestment(a)gmail.com QA Contact: extras-qa(a)fedoraproject.org CC: mhroncok(a)redhat.com, perl-devel(a)lists.fedoraproject.org Target Milestone: --- Classification: Fedora Since upgrade to kernel 6.10.10 or 6.10.11 and other packages updated at the same time slic3r has a distorted display when first opened. Resizing the window, even a tiny amount, restores the display properly. When opening any stl file for use to create the gcode that image is no longer manageable. The image cannot be selected with the mouse and functions that depend upon having the image selected are not usable. This includes scaling, cutting, creating multiple copies, rearranging on the printer deck, rotating, etc. Reproducible: Always Steps to Reproduce: 1.open slic3r and attempt to use if to create gcode for use with a 3d printer. 2. 3. Actual Results: images, once loaded into slicer cannot be manipulated in any way Expected Results: The image displayed should be able to be selected then the functions for scaling, rotating, creating multiple copies, and rearranging on the bed for proper printing should all function as previously done. I am using fedora 40, kernel 6.10.11, Workstation and slic3r has been working well until the last few updates. I have also downloaded the slic3r code and compiled it locally but the locally compiled version works the same as that installed with the rpm file. dnf list installed slic3r gives this ."slic3r.x86_64 1.3.0-33.fc40 @fedora" -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2316236 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 13

[Bug 2305918] New: CVE-2024-23185 perl-Email-Address-XS: very large headers can cause resource exhaustion when parsing message [fedora-all]
by bugzilla＠redhat.com 20 May '25

20 May '25

https://bugzilla.redhat.com/show_bug.cgi?id=2305918 Bug ID: 2305918 Summary: CVE-2024-23185 perl-Email-Address-XS: very large headers can cause resource exhaustion when parsing message [fedora-all] Product: Fedora Version: 40 Status: NEW Whiteboard: {"flaws": ["3477a34a-f4c8-488a-a933-f8ea1c702a4e"]} Component: perl-Email-Address-XS Keywords: Security, SecurityTracking Severity: high Priority: high Assignee: jplesnik(a)redhat.com Reporter: mbenatto(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: jplesnik(a)redhat.com, perl-devel(a)lists.fedoraproject.org Blocks: 2305910 (CVE-2024-23185) Target Milestone: --- Classification: Fedora More information about this security flaw is available in the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=2305910 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process. Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=2305910 [Bug 2305910] CVE-2024-23185 dovecot: very large headers can cause resource exhaustion when parsing message -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2305918 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 4

[Bug 2354524] New: perl-Text-Kakasi-2.04-59.fc43 FTBFS: /usr/include/libkakasi.h:41:24: error: unknown type name ‘Character’
by bugzilla＠redhat.com 19 May '25

19 May '25

https://bugzilla.redhat.com/show_bug.cgi?id=2354524 Bug ID: 2354524 Summary: perl-Text-Kakasi-2.04-59.fc43 FTBFS: /usr/include/libkakasi.h:41:24: error: unknown type name ‘Character’ Product: Fedora Version: rawhide URL: https://koschei.fedoraproject.org/package/perl-Text-Ka kasi Status: NEW Component: perl-Text-Kakasi Assignee: tagoh(a)redhat.com Reporter: ppisar(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: i18n-bugs(a)lists.fedoraproject.org, perl-devel(a)lists.fedoraproject.org, tagoh(a)redhat.com Blocks: 2339432 (F43FTBFS,RAWHIDEFTBFS) Target Milestone: --- Classification: Fedora perl-Text-Kakasi-2.04-59.fc43 fails to build in Fedora 43: gcc -c -I/usr/local/include -D_REENTRANT -D_GNU_SOURCE -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -fwrapv -fno-strict-aliasing -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -mtls-dialect=gnu2 -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DVERSION=\"2.04\" -DXS_VERSION=\"2.04\" -fPIC "-I/usr/lib64/perl5/CORE" -DWAKATIGAKI Kakasi.c In file included from Kakasi.xs:33: /usr/include/libkakasi.h:41:24: error: unknown type name ‘Character’ 41 | void digest_start_copy(Character *, Character *); | ^~~~~~~~~ [...] A difference between passing and failing build root is at <https://koschei.fedoraproject.org/build/19579547>. An upgrade of kakasi-devel from 2.3.6-29.fc41 to 2.3.6-31.fc42 looks suspicious. Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=2339432 [Bug 2339432] Fedora 43 FTBFS Tracker -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2354524 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 1

[Bug 2261445] New: perl-Authen-Krb5-Admin: FTBFS in Fedora rawhide/f40
by bugzilla＠redhat.com 16 May '25

16 May '25

https://bugzilla.redhat.com/show_bug.cgi?id=2261445 Bug ID: 2261445 Summary: perl-Authen-Krb5-Admin: FTBFS in Fedora rawhide/f40 Product: Fedora Version: rawhide Status: NEW Component: perl-Authen-Krb5-Admin Assignee: chkr(a)plauener.de Reporter: releng(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: chkr(a)plauener.de, perl-devel(a)lists.fedoraproject.org Blocks: 2231791 (F40FTBFS) Target Milestone: --- Classification: Fedora perl-Authen-Krb5-Admin failed to build from source in Fedora rawhide/f40 https://koji.fedoraproject.org/koji/taskinfo?taskID=112340152 For details on the mass rebuild see: https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild Please fix perl-Authen-Krb5-Admin at your earliest convenience and set the bug's status to ASSIGNED when you start fixing it. If the bug remains in NEW state for 8 weeks, perl-Authen-Krb5-Admin will be orphaned. Before branching of Fedora 41, perl-Authen-Krb5-Admin will be retired, if it still fails to build. For more details on the FTBFS policy, please visit: https://docs.fedoraproject.org/en-US/fesco/Fails_to_build_from_source_Fails… Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=2231791 [Bug 2231791] Fedora 40 FTBFS Tracker -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2261445 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 9

[Bug 2259166] New: perl-PDF-Haru-1.00-42.fc40 FTBFS: Haru.xs:1195:44: error: passing argument 2 of ‘HPDF_Page_SetDash’ from incompatible pointer type
by bugzilla＠redhat.com 16 May '25

16 May '25

https://bugzilla.redhat.com/show_bug.cgi?id=2259166 Bug ID: 2259166 Summary: perl-PDF-Haru-1.00-42.fc40 FTBFS: Haru.xs:1195:44: error: passing argument 2 of ‘HPDF_Page_SetDash’ from incompatible pointer type Product: Fedora Version: rawhide URL: https://koschei.fedoraproject.org/package/perl-PDF-Har u Status: NEW Component: perl-PDF-Haru Assignee: robinlee.sysu(a)gmail.com Reporter: ppisar(a)redhat.com QA Contact: extras-qa(a)fedoraproject.org CC: perl-devel(a)lists.fedoraproject.org, robinlee.sysu(a)gmail.com Blocks: 2231791 (F40FTBFS,RAWHIDEFTBFS) Target Milestone: --- Classification: Fedora perl-PDF-Haru-1.00-42.fc40 fails to build in Fedora 40: gcc -c -I. -D_REENTRANT -D_GNU_SOURCE -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -fwrapv -fno-strict-aliasing -I/usr/local/include -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Wno-complain-wrong-lang -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -DVERSION=\"1.00\" -DXS_VERSION=\"1.00\" -fPIC "-I/usr/lib64/perl5/CORE" Haru.c Haru.xs: In function ‘XS_PDF__Haru__Page_SetDash’: Haru.xs:1195:44: error: passing argument 2 of ‘HPDF_Page_SetDash’ from incompatible pointer type [-Wincompatible-pointer-types] 1195 | RETVAL = HPDF_Page_SetDash (page, ptn, num_elem + 1, phase); | ^~~ | | | HPDF_UINT16 * {aka short unsigned int *} In file included from Haru.xs:5: /usr/include/hpdf.h:1192:39: note: expected ‘const HPDF_REAL *’ {aka ‘const float *’} but argument is of type ‘HPDF_UINT16 *’ {aka ‘short unsigned int *’} 1192 | const HPDF_REAL *dash_ptn, | ~~~~~~~~~~~~~~~~~~^~~~~~~~ A difference between passing and failing build roots is at <https://koschei.fedoraproject.org/build/17079758>. This failure is probably triggered by upgrading gcc from 13.2.1-6.fc40 to 14.0.1-0.1.fc40. Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=2231791 [Bug 2231791] Fedora 40 FTBFS Tracker -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2259166 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 3

[Bug 2257106] New: F40FailsToInstall: perl-WWW-Google-Contacts
by bugzilla＠redhat.com 16 May '25

16 May '25

https://bugzilla.redhat.com/show_bug.cgi?id=2257106 Bug ID: 2257106 Summary: F40FailsToInstall: perl-WWW-Google-Contacts Product: Fedora Version: rawhide Status: NEW Component: perl-WWW-Google-Contacts Assignee: avibrazil(a)gmail.com Reporter: fti-bugs(a)fedoraproject.org QA Contact: extras-qa(a)fedoraproject.org CC: avibrazil(a)gmail.com, perl-devel(a)lists.fedoraproject.org Blocks: 2231790 (F40FailsToInstall,RAWHIDEFailsToInstall) Target Milestone: --- Classification: Fedora Hello, Please note that this comment was generated automatically by https://pagure.io/releng/blob/main/f/scripts/ftbfs-fti/follow-policy.py If you feel that this output has mistakes, please open an issue at https://pagure.io/releng/ Your package (perl-WWW-Google-Contacts) Fails To Install in Fedora 40: can't install perl-WWW-Google-Contacts: - nothing provides perl(Net::Google::AuthSub) needed by perl-WWW-Google-Contacts-0.39-23.fc39.noarch If you know about this problem and are planning on fixing it, please acknowledge so by setting the bug status to ASSIGNED. If you don't have time to maintain this package, consider orphaning it, so maintainers of dependent packages realize the problem. If you don't react accordingly to the policy for FTBFS/FTI bugs (https://docs.fedoraproject.org/en-US/fesco/Fails_to_build_from_source_Fails…) your package may be orphaned in 8+ weeks. P.S. The data was generated solely from koji buildroot, so it might be newer than the latest compose or the content on mirrors. To reproduce, use the koji/local repo only, e.g. in mock: $ mock -r fedora-40-x86_64 --config-opts mirrored=False install perl-WWW-Google-Contacts P.P.S. If this bug has been reported in the middle of upgrading multiple dependent packages, please consider using side tags: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/#updating-inter-d… Thanks! Referenced Bugs: https://bugzilla.redhat.com/show_bug.cgi?id=2231790 [Bug 2231790] Fedora 40 Fails To install Tracker -- You are receiving this mail because: You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2257106 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…

1 7

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

perl-devel April 2025