App-cpanminus 1.7024
Security Advisories
CVE-2020-16154
The App::cpanminus package 1.7044 for Perl allows Signature Verification Bypass.
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DENFY4CRTIZL5WYYUYUM4VKCJNXO4QIW/
- https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
- https://access.redhat.com/security/cve/cve-2020-16154
- https://security-tracker.debian.org/tracker/CVE-2020-16154
- https://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
- https://github.com/miyagawa/cpanminus/pull/638
Fixed version: >=1.7045
Reported: 2020-07-30
Kwalitee Issues
- has_readme
-
Add a README to the distribution. It should contain a quick description of your module and how to install it.
- use_strict
-
Add 'use strict' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules are strictly written.
Error: App::cpanminus
- use_warnings
-
Add 'use warnings' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules warn when something bad happens.
Error: App::cpanminus
- meta_yml_has_provides
-
Add all modules contained in this distribution to the META.yml field 'provides'. Module::Build or Dist::Zilla::Plugin::MetaProvides do this automatically for you.
Modules
Name | Abstract | Version | View |
---|---|---|---|
App::cpanminus | get, unpack, build and install modules from CPAN | 1.7024 | metacpan |