PlRPC 0.2019
Security Advisories
CVE-2013-7284
The PlRPC module, possibly 0.2020 and earlier, for Perl uses the Storable module, which allows remote attackers to execute arbitrary code via a crafted request, which is not properly handled when it is deserialized.
- https://bugzilla.redhat.com/show_bug.cgi?id=1051108
- http://seclists.org/oss-sec/2014/q1/56
- http://seclists.org/oss-sec/2014/q1/62
- https://bugzilla.redhat.com/show_bug.cgi?id=1030572
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734789
- https://rt.cpan.org/Public/Bug/Display.html?id=90474
Reported: 2014-04-29
Kwalitee Issues
- manifest_matches_dist
-
Run a proper command ("make manifest" or "./Build manifest", maybe with a force option), or use a distribution builder to generate the MANIFEST. Or update MANIFEST manually.
Error:
- MANIFEST (18) does not match dist (50):
- Missing in MANIFEST: .svn/entries, .svn/format, .svn/text-base/ChangeLog.svn-base, .svn/text-base/MANIFEST.svn-base, .svn/text-base/META.yml.svn-base, .svn/text-base/Makefile.PL.svn-base, .svn/text-base/README.svn-base, lib/.svn/entries, lib/.svn/format, lib/Bundle/.svn/entries, lib/Bundle/.svn/format, lib/Bundle/.svn/text-base/PlRPC.pm.svn-base, lib/RPC/.svn/entries, lib/RPC/.svn/format, lib/RPC/.svn/text-base/PlClient.pm.svn-base, lib/RPC/.svn/text-base/PlServer.pm.svn-base, lib/RPC/PlClient/.svn/entries, lib/RPC/PlClient/.svn/format, lib/RPC/PlClient/.svn/text-base/Comm.pm.svn-base, lib/RPC/PlServer/.svn/entries, lib/RPC/PlServer/.svn/format, lib/RPC/PlServer/.svn/text-base/Comm.pm.svn-base, lib/RPC/PlServer/.svn/text-base/Test.pm.svn-base, t/.svn/entries, t/.svn/format, t/.svn/text-base/base.t.svn-base, t/.svn/text-base/client.t.svn-base, t/.svn/text-base/compress.t.svn-base, t/.svn/text-base/crypt.t.svn-base, t/.svn/text-base/lib.pl.svn-base, t/.svn/text-base/methods.t.svn-base, t/.svn/text-base/server.svn-base
- use_strict
-
Add 'use strict' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules are strictly written.
Error: Bundle::PlRPC
- main_module_version_matches_dist_version
-
Make sure that the main module name and version are the same of the distribution.
- meta_yml_declares_perl_version
-
If you are using Build.PL define the {requires}{perl} = VERSION field. If you are using MakeMaker (Makefile.PL) you should upgrade ExtUtils::MakeMaker to 6.48 and use MIN_PERL_VERSION parameter. Perl::MinimumVersion can help you determine which version of Perl your module needs.
- has_meta_json
-
Add a META.json to the distribution. Your buildtool should be able to autogenerate it.
- no_dot_dirs
-
Fix MANIFEST (or MANIFEST.SKIP) to exclude dot directories from a distribution. Use an appropriate tool and avoid archiving your working directory by hand. If you switch your version control system, remove old VCS directories after you migrate.
Error: .svn
- meta_yml_has_license
-
Define the license if you are using in Build.PL. If you are using MakeMaker (Makefile.PL) you should upgrade to ExtUtils::MakeMaker version 6.31.
- use_warnings
-
Add 'use warnings' (or its equivalents) to all modules, or convince us that your favorite module is well-known enough and people can easily see the modules warn when something bad happens.
Error: Bundle::PlRPC, RPC::PlClient, RPC::PlClient::Comm, RPC::PlServer, RPC::PlServer::Comm, RPC::PlServer::Test
- consistent_version
-
Split the distribution, or fix the version numbers to make them consistent (use the highest version number to avoid version downgrade).
Error: 0.01,0.03,0.1002,0.1003,0.2019
- meta_yml_has_provides
-
Add all modules contained in this distribution to the META.yml field 'provides'. Module::Build or Dist::Zilla::Plugin::MetaProvides do this automatically for you.
- meta_yml_has_repository_resource
-
Add a 'repository' resource to the META.yml via 'meta_add' accessor (for Module::Build) or META_ADD parameter (for ExtUtils::MakeMaker).
- has_separate_license_file
-
This is not a critical issue. Currently mainly informative for the CPANTS authors. It might be removed later.
Modules
Name | Abstract | Version | View |
---|---|---|---|
Bundle::PlRPC | A bundle to install PlRPC-Server, Client and prerequisites. | 0.03 | metacpan |
RPC::PlClient | Perl extension for writing PlRPC clients | 0.2019 | metacpan |
RPC::PlClient::Comm | 0.1002 | metacpan | |
RPC::PlServer | Perl extension for writing PlRPC servers | 0.2019 | metacpan |
RPC::PlServer::Comm | 0.1003 | metacpan | |
RPC::PlServer::Test | 0.01 | metacpan |
Provides
Name | File | View |
---|---|---|
RPC::PlClient::Object | lib/RPC/PlClient.pm | metacpan |