CPAN 1.58_55 Deleted
Security Advisories
CVE-2023-31484
The verify_SSL flag is missing from HTTP::Tiny, and allows a network attacker to MITM the connection if it is used by the CPAN client
- https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0
- https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/
- https://github.com/andk/cpanpm/pull/175
- https://www.openwall.com/lists/oss-security/2023/04/18/14
Fixed version: >=2.35
Reported: 2023-02-28
Archive::Tar preserves permissions in the tarball; extracted file permissions will be set from users umask instead.
- https://github.com/andk/cpanpm/commit/079fa2e7ee77d626eab8bb06d0465c6a05f6c8b6
- https://rt.cpan.org/Ticket/Display.html?id=46384
Fixed version: >=1.93
Reported: 2009-09-23
CVE-2020-16156
CPAN 2.28 allows Signature Verification Bypass.
- https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
- http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/
Fixed version: >=2.29
Severity: high
Reported: 2021-12-13
Kwalitee Issues
- has_meta_yml
-
Add a META.yml to the distribution. Your buildtool should be able to autogenerate it.
- has_human_readable_license
-
Add a section called "LICENSE" to the documentation, or add a file named LICENSE to the distribution.
- has_license_in_source_file
-
Add =head1 LICENSE and the text of the license to the main module in your code.
- manifest_matches_dist
-
Run a proper command ("make manifest" or "./Build manifest", maybe with a force option), or use a distribution builder to generate the MANIFEST. Or update MANIFEST manually.
Error:
- MANIFEST (12) does not match dist (13):
- Missing in MANIFEST: README
- use_strict
-
Add 'use strict' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules are strictly written.
Error: Bundle::CPAN
- prereq_matches_use
-
List all used modules in META.yml requires
Error:
- URI::Escape
- no_pod_errors
-
Remove the POD errors. You can check for POD errors automatically by including Test::Pod to your test suite.
Error: CPAN-1.58_55/lib/Bundle/CPAN.pm -- Around line 60: Non-ASCII character seen before =encoding in 'König'. Assuming CP1252
- has_meta_json
-
Add a META.json to the distribution. Your buildtool should be able to autogenerate it.
- meta_yml_has_license
-
Define the license if you are using in Build.PL. If you are using MakeMaker (Makefile.PL) you should upgrade to ExtUtils::MakeMaker version 6.31.
- has_known_license_in_source_file
-
Add =head1 LICENSE and/or the proper text of the well-known license to the main module in your code.
- use_warnings
-
Add 'use warnings' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules warn when something bad happens.
Error: Bundle::CPAN, CPAN, CPAN::Admin, CPAN::FirstTime, CPAN::Nox
- consistent_version
-
Split the distribution, or fix the version numbers to make them consistent (use the highest version number to avoid version downgrade).
Error: 1.00,1.004,1.48,1.58,1.58_55
- has_separate_license_file
-
This is not a critical issue. Currently mainly informative for the CPANTS authors. It might be removed later.
Modules
Name | Abstract | Version | View |
---|---|---|---|
Bundle::CPAN | A bundle to play with all the other modules on CPAN | 1.58 | metacpan |
CPAN | query, download and build perl modules from CPAN sites | 1.58_55 | metacpan |
CPAN::Admin | A CPAN Shell for CPAN admins | 1.004 | metacpan |
CPAN::FirstTime | Utility for CPAN::Config file Initialization | 1.48 | metacpan |
CPAN::Nox | Wrapper around CPAN.pm without using any XS module | 1.00 | metacpan |
Provides
Name | File | View |
---|---|---|
CPAN::Author | lib/CPAN.pm | metacpan |
CPAN::Bundle | lib/CPAN.pm | metacpan |
CPAN::CacheMgr | lib/CPAN.pm | metacpan |
CPAN::Complete | lib/CPAN.pm | metacpan |
CPAN::Config | lib/CPAN.pm | metacpan |
CPAN::Debug | lib/CPAN.pm | metacpan |
CPAN::Distribution | lib/CPAN.pm | metacpan |
CPAN::Eval | lib/CPAN.pm | metacpan |
CPAN::FTP | lib/CPAN.pm | metacpan |
CPAN::FTP::netrc | lib/CPAN.pm | metacpan |
CPAN::Index | lib/CPAN.pm | metacpan |
CPAN::InfoObj | lib/CPAN.pm | metacpan |
CPAN::Mirrored::By | lib/CPAN/FirstTime.pm | metacpan |
CPAN::Module | lib/CPAN.pm | metacpan |
CPAN::Queue | lib/CPAN.pm | metacpan |
CPAN::Shell | lib/CPAN.pm | metacpan |
CPAN::Tarzip | lib/CPAN.pm | metacpan |
CPAN::Version | lib/CPAN.pm | metacpan |