Bug#942851: perl-modules-5.30: CPAN.pm is insecure by default, no warnings
Vincent Lefevre
vincent at vinc17.net
Wed Feb 23 02:46:50 GMT 2022
Now, there's CVE-2020-16156. If this bug had been fixed, the
vulnerability would have been avoided.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
--
Vincent Lefèvre <vincent at vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
More information about the Perl-maintainers
mailing list