libwww-perl 5.837
Security Advisories
LWP::Protocol::file can open existent file from file:// scheme. However, current version of LWP uses open FILEHANDLE,EXPR and it has ability to execute arbitrary command
Fixed version: >=6.27
Reported: 2017-11-06
CVE-2011-0633
The Net::HTTPS module in libwww-perl (LWP) before 6.00, as used in WWW::Mechanize, LWP::UserAgent, and other products, when running in environments that do not set the If-SSL-Cert-Subject header, does not enable full validation of SSL certificates by default, which allows remote attackers to spoof servers via man-in-the-middle (MITM) attacks involving hostnames that are not properly validated.
- http://vttynotes.blogspot.com/2010/12/man-in-middle-fun-with-perl-lwp.html
- http://vttynotes.blogspot.com/2011/03/quick-note-on-lwp-and-perl-security-cve.html
Fixed version: >=6.00
Reported: 2011-01-20
Kwalitee Issues
- use_strict
-
Add 'use strict' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules are strictly written.
Error: Bundle::LWP, HTTP::Negotiate, LWP, LWP::Debug, LWP::DebugFile, LWP::MemberMixin
- main_module_version_matches_dist_version
-
Make sure that the main module name and version are the same of the distribution.
- no_pod_errors
-
Remove the POD errors. You can check for POD errors automatically by including Test::Pod to your test suite.
Error: libwww-perl-5.837/lib/LWP.pm -- Around line 602: Non-ASCII character seen before =encoding in 'König,'. Assuming UTF-8
- has_meta_json
-
Add a META.json to the distribution. Your buildtool should be able to autogenerate it.
- use_warnings
-
Add 'use warnings' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules warn when something bad happens.
Error: Bundle::LWP, File::Listing, HTML::Form, HTTP::Config, HTTP::Cookies, HTTP::Cookies::Microsoft, HTTP::Cookies::Netscape, HTTP::Daemon, HTTP::Date, HTTP::Headers, HTTP::Headers::Auth, HTTP::Headers::ETag, HTTP::Headers::Util, HTTP::Message, HTTP::Negotiate, HTTP::Request, HTTP::Request::Common, HTTP::Response, HTTP::Status, LWP, LWP::Authen::Basic, LWP::Authen::Digest, LWP::Authen::Ntlm, LWP::ConnCache, LWP::Debug, LWP::DebugFile, LWP::MediaTypes, LWP::MemberMixin, LWP::Protocol, LWP::Protocol::GHTTP, LWP::Protocol::cpan, LWP::Protocol::data, LWP::Protocol::file, LWP::Protocol::ftp, LWP::Protocol::gopher, LWP::Protocol::http, LWP::Protocol::http10, LWP::Protocol::https, LWP::Protocol::https10, LWP::Protocol::loopback, LWP::Protocol::mailto, LWP::Protocol::nntp, LWP::Protocol::nogo, LWP::RobotUA, LWP::Simple, LWP::UserAgent, Net::HTTP, Net::HTTP::Methods, Net::HTTP::NB, Net::HTTPS, WWW::RobotRules, WWW::RobotRules::AnyDBM_File
- consistent_version
-
Split the distribution, or fix the version numbers to make them consistent (use the highest version number to avoid version downgrade).
Error: 5.810,5.817,5.819,5.821,5.824,5.827,5.829,5.831,5.832,5.834,5.835,5.836,5.837
- meta_yml_has_provides
-
Add all modules contained in this distribution to the META.yml field 'provides'. Module::Build or Dist::Zilla::Plugin::MetaProvides do this automatically for you.
- has_separate_license_file
-
This is not a critical issue. Currently mainly informative for the CPANTS authors. It might be removed later.
Modules
Name | Abstract | Version | View |
---|---|---|---|
Bundle::LWP | install all libwww-perl related modules | 5.835 | metacpan |
File::Listing | parse directory listing | 5.837 | metacpan |
HTML::Form | Class that represents an HTML form element | 5.829 | metacpan |
HTTP::Config | Configuration for request and response objects | 5.835 | metacpan |
HTTP::Cookies | HTTP cookie jars | 5.837 | metacpan |
HTTP::Cookies::Microsoft | access to Microsoft cookies files | 5.821 | metacpan |
HTTP::Cookies::Netscape | access to Netscape cookies files | 5.832 | metacpan |
HTTP::Daemon | a simple http server class | 5.827 | metacpan |
HTTP::Date | date conversion routines | 5.831 | metacpan |
HTTP::Headers | Class encapsulating HTTP Message headers | 5.835 | metacpan |
HTTP::Headers::Auth | 5.817 | metacpan | |
HTTP::Headers::ETag | 5.810 | metacpan | |
HTTP::Headers::Util | Header value parsing utility functions | 5.817 | metacpan |
HTTP::Message | HTTP style message (base class) | 5.837 | metacpan |
HTTP::Negotiate | choose a variant to serve | 5.835 | metacpan |
HTTP::Request | HTTP style request message | 5.827 | metacpan |
HTTP::Request::Common | Construct common HTTP::Request objects | 5.824 | metacpan |
HTTP::Response | HTTP style response message | 5.836 | metacpan |
HTTP::Status | HTTP Status code processing | 5.817 | metacpan |
LWP | The World-Wide Web library for Perl | 5.837 | metacpan |
LWP::Authen::Basic | metacpan | ||
LWP::Authen::Digest | metacpan | ||
LWP::Authen::Ntlm | Library for enabling NTLM authentication (Microsoft) in LWP | 5.835 | metacpan |
LWP::ConnCache | Connection cache manager | 5.810 | metacpan |
LWP::Debug | deprecated | metacpan | |
LWP::DebugFile | metacpan | ||
LWP::MediaTypes | guess media type for a file or a URL | 5.835 | metacpan |
LWP::MemberMixin | Member access mixin class | metacpan | |
LWP::Protocol | Base class for LWP protocols | 5.829 | metacpan |
LWP::Protocol::GHTTP | metacpan | ||
LWP::Protocol::cpan | metacpan | ||
LWP::Protocol::data | metacpan | ||
LWP::Protocol::file | metacpan | ||
LWP::Protocol::ftp | metacpan | ||
LWP::Protocol::gopher | metacpan | ||
LWP::Protocol::http | metacpan | ||
LWP::Protocol::http10 | metacpan | ||
LWP::Protocol::https | metacpan | ||
LWP::Protocol::https10 | metacpan | ||
LWP::Protocol::loopback | metacpan | ||
LWP::Protocol::mailto | metacpan | ||
LWP::Protocol::nntp | metacpan | ||
LWP::Protocol::nogo | metacpan | ||
LWP::RobotUA | a class for well-behaved Web robots | 5.835 | metacpan |
LWP::Simple | simple procedural interface to LWP | 5.835 | metacpan |
LWP::UserAgent | Web user agent class | 5.835 | metacpan |
Net::HTTP | Low-level HTTP connection (client) | 5.834 | metacpan |
Net::HTTP::Methods | 5.834 | metacpan | |
Net::HTTP::NB | Non-blocking HTTP client | 5.810 | metacpan |
Net::HTTPS | 5.819 | metacpan | |
WWW::RobotRules | database of robots.txt-derived permissions | 5.832 | metacpan |
WWW::RobotRules::AnyDBM_File | Persistent RobotRules | 5.835 | metacpan |
Provides
Name | File | View |
---|---|---|
File::Listing::apache | lib/File/Listing.pm | metacpan |
File::Listing::dosftp | lib/File/Listing.pm | metacpan |
File::Listing::netware | lib/File/Listing.pm | metacpan |
File::Listing::unix | lib/File/Listing.pm | metacpan |
File::Listing::vms | lib/File/Listing.pm | metacpan |
HTML::Form::FileInput | lib/HTML/Form.pm | metacpan |
HTML::Form::IgnoreInput | lib/HTML/Form.pm | metacpan |
HTML::Form::ImageInput | lib/HTML/Form.pm | metacpan |
HTML::Form::Input | lib/HTML/Form.pm | metacpan |
HTML::Form::KeygenInput | lib/HTML/Form.pm | metacpan |
HTML::Form::ListInput | lib/HTML/Form.pm | metacpan |
HTML::Form::SubmitInput | lib/HTML/Form.pm | metacpan |
HTML::Form::TextInput | lib/HTML/Form.pm | metacpan |
HTTP::Daemon::ClientConn | lib/HTTP/Daemon.pm | metacpan |
LWP::Protocol::MyFTP | lib/LWP/Protocol/ftp.pm | metacpan |
LWP::Protocol::http::Socket | lib/LWP/Protocol/http.pm | metacpan |
LWP::Protocol::http::SocketMethods | lib/LWP/Protocol/http.pm | metacpan |
LWP::Protocol::https::Socket | lib/LWP/Protocol/https.pm | metacpan |
WWW::RobotRules::InCore | lib/WWW/RobotRules.pm | metacpan |