CPAN 1.83_68 Deleted
Security Advisories
CVE-2023-31484
The verify_SSL flag is missing from HTTP::Tiny, and allows a network attacker to MITM the connection if it is used by the CPAN client
- https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0
- https://blog.hackeriet.no/perl-http-tiny-insecure-tls-default-affects-cpan-modules/
- https://github.com/andk/cpanpm/pull/175
- https://www.openwall.com/lists/oss-security/2023/04/18/14
Fixed version: >=2.35
Reported: 2023-02-28
Archive::Tar preserves permissions in the tarball; extracted file permissions will be set from users umask instead.
- https://github.com/andk/cpanpm/commit/079fa2e7ee77d626eab8bb06d0465c6a05f6c8b6
- https://rt.cpan.org/Ticket/Display.html?id=46384
Fixed version: >=1.93
Reported: 2009-09-23
CVE-2020-16156
CPAN 2.28 allows Signature Verification Bypass.
- https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
- http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SZ32AJIV4RHJMLWLU5QULGKMMIHYOMDC/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SD6RYOJII7HRJ6WVORFNVTYNOFY5JDXN/
Fixed version: >=2.29
Severity: high
Reported: 2021-12-13
Kwalitee Issues
- no_files_to_be_skipped
-
Fix MANIFEST.SKIP or use an authoring tool which respects MANIFEST.SKIP. Note that each entry in MANIFEST.SKIP is a regular expression. You may need to add appropriate meta characters not to ignore necessary stuff.
Error: ChangeLog,ChangeLog.old,Changes,MANIFEST.SKIP,SIGNATURE
- meta_yml_declares_perl_version
-
If you are using Build.PL define the {requires}{perl} = VERSION field. If you are using MakeMaker (Makefile.PL) you should upgrade ExtUtils::MakeMaker to 6.48 and use MIN_PERL_VERSION parameter. Perl::MinimumVersion can help you determine which version of Perl your module needs.
- has_meta_json
-
Add a META.json to the distribution. Your buildtool should be able to autogenerate it.
- meta_yml_has_license
-
Define the license if you are using in Build.PL. If you are using MakeMaker (Makefile.PL) you should upgrade to ExtUtils::MakeMaker version 6.31.
- use_warnings
-
Add 'use warnings' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules warn when something bad happens.
Error: Bundle::CPAN, CPAN, CPAN::Admin, CPAN::Debug, CPAN::FirstTime, CPAN::HandleConfig, CPAN::Nox, CPAN::Tarzip, CPAN::Version
- consistent_version
-
Split the distribution, or fix the version numbers to make them consistent (use the highest version number to avoid version downgrade).
Error: 1.82,1.83_68,5.400561,5.400568
- meta_yml_has_provides
-
Add all modules contained in this distribution to the META.yml field 'provides'. Module::Build or Dist::Zilla::Plugin::MetaProvides do this automatically for you.
- meta_yml_has_repository_resource
-
Add a 'repository' resource to the META.yml via 'meta_add' accessor (for Module::Build) or META_ADD parameter (for ExtUtils::MakeMaker).
- has_separate_license_file
-
This is not a critical issue. Currently mainly informative for the CPANTS authors. It might be removed later.
Modules
Name | Abstract | Version | View |
---|---|---|---|
Bundle::CPAN | A bundle to play with all the other modules on CPAN | 1.82 | metacpan |
CPAN | query, download and build perl modules from CPAN sites | 1.83_68 | metacpan |
CPAN::Admin | A CPAN Shell for CPAN admins | 5.400561 | metacpan |
CPAN::Debug | 5.400561 | metacpan | |
CPAN::FirstTime | Utility for CPAN::Config file Initialization | 5.400561 | metacpan |
CPAN::HandleConfig | 5.400568 | metacpan | |
CPAN::Nox | Wrapper around CPAN.pm without using any XS module | 5.400561 | metacpan |
CPAN::Tarzip | 5.400561 | metacpan | |
CPAN::Version | utility functions to compare CPAN versions | 5.400561 | metacpan |
Provides
Name | File | View |
---|---|---|
CPAN::Author | lib/CPAN.pm | metacpan |
CPAN::Bundle | lib/CPAN.pm | metacpan |
CPAN::CacheMgr | lib/CPAN.pm | metacpan |
CPAN::Complete | lib/CPAN.pm | metacpan |
CPAN::Distribution | lib/CPAN.pm | metacpan |
CPAN::Distrostatus | lib/CPAN.pm | metacpan |
CPAN::Eval | lib/CPAN.pm | metacpan |
CPAN::Exception::RecursiveDependency | lib/CPAN.pm | metacpan |
CPAN::FTP | lib/CPAN.pm | metacpan |
CPAN::FTP::netrc | lib/CPAN.pm | metacpan |
CPAN::Index | lib/CPAN.pm | metacpan |
CPAN::InfoObj | lib/CPAN.pm | metacpan |
CPAN::LWP::UserAgent | lib/CPAN.pm | metacpan |
CPAN::Mirrored::By | lib/CPAN/FirstTime.pm | metacpan |
CPAN::Module | lib/CPAN.pm | metacpan |
CPAN::Prompt | lib/CPAN.pm | metacpan |
CPAN::Queue | lib/CPAN.pm | metacpan |
CPAN::Shell | lib/CPAN.pm | metacpan |