PlRPC 0.2015
Security Advisories
CVE-2013-7284
The PlRPC module, possibly 0.2020 and earlier, for Perl uses the Storable module, which allows remote attackers to execute arbitrary code via a crafted request, which is not properly handled when it is deserialized.
- https://bugzilla.redhat.com/show_bug.cgi?id=1051108
- http://seclists.org/oss-sec/2014/q1/56
- http://seclists.org/oss-sec/2014/q1/62
- https://bugzilla.redhat.com/show_bug.cgi?id=1030572
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734789
- https://rt.cpan.org/Public/Bug/Display.html?id=90474
Reported: 2014-04-29
Kwalitee Issues
- has_meta_yml
-
Add a META.yml to the distribution. Your buildtool should be able to autogenerate it.
- use_strict
-
Add 'use strict' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules are strictly written.
Error: Bundle::PlRPC
- prereq_matches_use
-
List all used modules in META.yml requires
Error:
- Net::Daemon
- Net::Daemon::Log
- Net::Daemon::Test
- main_module_version_matches_dist_version
-
Make sure that the main module name and version are the same of the distribution.
- has_meta_json
-
Add a META.json to the distribution. Your buildtool should be able to autogenerate it.
- meta_yml_has_license
-
Define the license if you are using in Build.PL. If you are using MakeMaker (Makefile.PL) you should upgrade to ExtUtils::MakeMaker version 6.31.
- use_warnings
-
Add 'use warnings' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules warn when something bad happens.
Error: Bundle::PlRPC, RPC::PlClient, RPC::PlServer, RPC::PlServer::Comm, RPC::PlServer::Test
- no_unauthorized_packages
-
Ask the owner of the distribution (the one who released it first, or the one who is designated in x_authority) to give you a (co-)maintainer's permission.
Error:
- Bundle::PlRPC
- RPC::PlClient
- RPC::PlClient::Object
- RPC::PlServer
- RPC::PlServer::Comm
- RPC::PlServer::Test
- test_prereq_matches_use
-
List all modules used in the test suite in META.yml test_requires
Error:
- Crypt::DES
- consistent_version
-
Split the distribution, or fix the version numbers to make them consistent (use the highest version number to avoid version downgrade).
Error: 0.01,0.03,0.1001,0.2015
- has_separate_license_file
-
This is not a critical issue. Currently mainly informative for the CPANTS authors. It might be removed later.
Modules
Name | Abstract | Version | View |
---|---|---|---|
Bundle::PlRPC | A bundle to install PlRPC-Server, Client and prerequisites. | 0.03 | metacpan |
RPC::PlClient | Perl extension for writing PlRPC clients | 0.2015 | metacpan |
RPC::PlServer | Perl extension for writing PlRPC servers | 0.2015 | metacpan |
RPC::PlServer::Comm | 0.1001 | metacpan | |
RPC::PlServer::Test | 0.01 | metacpan |
Provides
Name | File | View |
---|---|---|
RPC::PlClient::Object | lib/RPC/PlClient.pm | metacpan |