https://bugzilla.redhat.com/show_bug.cgi?id=2368661
Bug ID: 2368661
Summary: Please branch and build perl-Modern-Perl in epel10
Product: Fedora EPEL
Version: epel10
Status: NEW
Component: perl-Modern-Perl
Assignee: paul(a)city-fan.org
Reporter: linux(a)cmadams.net
QA Contact: extras-qa(a)fedoraproject.org
CC: paul(a)city-fan.org, perl-devel(a)lists.fedoraproject.org
Target Milestone: ---
Classification: Fedora
Please branch and build perl-Modern-Perl in epel10.
If you do not wish to maintain perl-Modern-Perl in epel10,
or do not think you will be able to do this in a timely manner,
I would be happy to be a co-maintainer of the package.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2368661
Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…
https://bugzilla.redhat.com/show_bug.cgi?id=2035273
Bug ID: 2035273
Summary: CVE-2020-16156 perl-CPAN: allows Signature
Verification Bypass
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: mrehak(a)redhat.com
CC: caswilli(a)redhat.com, hhorak(a)redhat.com,
jorton(a)redhat.com, jplesnik(a)redhat.com,
kaycoth(a)redhat.com, mspacek(a)redhat.com,
perl-devel(a)lists.fedoraproject.org,
perl-maint-list(a)redhat.com, ppisar(a)redhat.com
Target Milestone: ---
Classification: Other
It was found that cpan and cpanm are vulnerable to a signature verification
bypass. Additionally, CPAN::Checksums (used by PAUSE) does not uniquely
identify packages in the signed CHECKSUMS file, enabling a supply chain attack.
Reference:
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2035273
https://bugzilla.redhat.com/show_bug.cgi?id=2369463
Bug ID: 2369463
Summary: CVE-2025-40909 perl: Perl threads have a working
directory race condition where file operations may
target unintended paths [fedora-42]
Product: Fedora
Version: 42
Status: NEW
Whiteboard: {"flaws": ["8b3c517f-748c-46a7-a86f-5a69dd326cf3"]}
Component: perl
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: jplesnik(a)redhat.com
Reporter: mfindra(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: iarnell(a)gmail.com, jplesnik(a)redhat.com, kasal(a)ucw.cz,
mmaslano(a)redhat.com, mspacek(a)redhat.com,
perl-devel(a)lists.fedoraproject.org, ppisar(a)redhat.com,
psabata(a)redhat.com, rhughes(a)redhat.com,
spotrh(a)gmail.com
Blocks: 2369407 (CVE-2025-40909)
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
https://bugzilla.redhat.com/show_bug.cgi?id=2369407
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=2369407
[Bug 2369407] CVE-2025-40909 perl: Perl threads have a working directory race
condition where file operations may target unintended paths
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2369463
Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…
https://bugzilla.redhat.com/show_bug.cgi?id=2369462
Bug ID: 2369462
Summary: CVE-2025-40909 perl: Perl threads have a working
directory race condition where file operations may
target unintended paths [fedora-41]
Product: Fedora
Version: 41
Status: NEW
Whiteboard: {"flaws": ["8b3c517f-748c-46a7-a86f-5a69dd326cf3"]}
Component: perl
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: jplesnik(a)redhat.com
Reporter: mfindra(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: iarnell(a)gmail.com, jplesnik(a)redhat.com, kasal(a)ucw.cz,
mmaslano(a)redhat.com, mspacek(a)redhat.com,
perl-devel(a)lists.fedoraproject.org, ppisar(a)redhat.com,
psabata(a)redhat.com, rhughes(a)redhat.com,
spotrh(a)gmail.com
Blocks: 2369407 (CVE-2025-40909)
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
https://bugzilla.redhat.com/show_bug.cgi?id=2369407
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=2369407
[Bug 2369407] CVE-2025-40909 perl: Perl threads have a working directory race
condition where file operations may target unintended paths
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2369462
Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…
https://bugzilla.redhat.com/show_bug.cgi?id=2369095
Bug ID: 2369095
Summary: CVE-2025-48734 perl-qooxdoo-compat: Apache Commons
BeanUtils: PropertyUtilsBean does not suppresses an
enum's declaredClass property by default [fedora-42]
Product: Fedora
Version: 42
Status: NEW
Whiteboard: {"flaws": ["eab3bab3-4899-4c1c-9a5a-99d460d29b47"]}
Component: perl-qooxdoo-compat
Keywords: Security, SecurityTracking
Severity: high
Priority: high
Assignee: terjeros(a)gmail.com
Reporter: jmoroney(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: perl-devel(a)lists.fedoraproject.org, terjeros(a)gmail.com
Blocks: 2368956
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
https://bugzilla.redhat.com/show_bug.cgi?id=2368956
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2369095
Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…
https://bugzilla.redhat.com/show_bug.cgi?id=2369087
Bug ID: 2369087
Summary: CVE-2025-31501 rt: From CVEorg collector [fedora-42]
Product: Fedora
Version: 42
Status: NEW
Whiteboard: {"flaws": ["c8ec98c3-462b-423d-8c73-182e3e8d58e8"]}
Component: rt
Keywords: Security, SecurityTracking
Severity: high
Priority: high
Assignee: rc040203(a)freenet.de
Reporter: jmoroney(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: j(a)tib.bs, perl-devel(a)lists.fedoraproject.org,
rc040203(a)freenet.de
Blocks: 2369046
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
https://bugzilla.redhat.com/show_bug.cgi?id=2369046
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2369087
Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…
https://bugzilla.redhat.com/show_bug.cgi?id=2369086
Bug ID: 2369086
Summary: CVE-2025-31501 rt: From CVEorg collector [fedora-41]
Product: Fedora
Version: 41
Status: NEW
Whiteboard: {"flaws": ["c8ec98c3-462b-423d-8c73-182e3e8d58e8"]}
Component: rt
Keywords: Security, SecurityTracking
Severity: high
Priority: high
Assignee: rc040203(a)freenet.de
Reporter: jmoroney(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: j(a)tib.bs, perl-devel(a)lists.fedoraproject.org,
rc040203(a)freenet.de
Blocks: 2369046
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
https://bugzilla.redhat.com/show_bug.cgi?id=2369046
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2369086
Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…
https://bugzilla.redhat.com/show_bug.cgi?id=2369085
Bug ID: 2369085
Summary: CVE-2025-31500 rt: From CVEorg collector [fedora-42]
Product: Fedora
Version: 42
Status: NEW
Whiteboard: {"flaws": ["c55fe921-0a1e-4abb-a764-5cffc06fc38e"]}
Component: rt
Keywords: Security, SecurityTracking
Severity: high
Priority: high
Assignee: rc040203(a)freenet.de
Reporter: jmoroney(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: j(a)tib.bs, perl-devel(a)lists.fedoraproject.org,
rc040203(a)freenet.de
Blocks: 2369035
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
https://bugzilla.redhat.com/show_bug.cgi?id=2369035
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2369085
Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-sp…