App-cpanminus 1.6924
Security Advisories
CVE-2020-16154
The App::cpanminus package 1.7044 for Perl allows Signature Verification Bypass.
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DENFY4CRTIZL5WYYUYUM4VKCJNXO4QIW/
- https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
- https://access.redhat.com/security/cve/cve-2020-16154
- https://security-tracker.debian.org/tracker/CVE-2020-16154
- https://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
- https://github.com/miyagawa/cpanminus/pull/638
Fixed version: >=1.7045
Reported: 2020-07-30
Kwalitee Issues
- meta_yml_is_parsable
-
Upgrade your YAML generator so it produces valid YAML.
Error: Error reading from file 'App-cpanminus-1.6924/META.yml': UTF-8 "\xE5" does not map to Unicode
- use_strict
-
Add 'use strict' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules are strictly written.
Error: App::cpanminus
- meta_yml_declares_perl_version
-
If you are using Build.PL define the {requires}{perl} = VERSION field. If you are using MakeMaker (Makefile.PL) you should upgrade ExtUtils::MakeMaker to 6.48 and use MIN_PERL_VERSION parameter. Perl::MinimumVersion can help you determine which version of Perl your module needs.
- use_warnings
-
Add 'use warnings' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules warn when something bad happens.
Error: App::cpanminus
- meta_yml_has_provides
-
Add all modules contained in this distribution to the META.yml field 'provides'. Module::Build or Dist::Zilla::Plugin::MetaProvides do this automatically for you.
Modules
Name | Abstract | Version | View |
---|---|---|---|
App::cpanminus | get, unpack, build and install modules from CPAN | 1.6924 | metacpan |