perl-HTTP-Tiny-0.074-2.el8
エラータID: AXSA:2023-7126:02
Release date:
Friday, December 22, 2023 - 11:54
Subject:
perl-HTTP-Tiny-0.074-2.el8
Affected Channels:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
HTTP::Tiny is a small and simple HTTP/1.1 client written in Perl.
Security Fix(es):
* http-tiny: insecure TLS cert default (CVE-2023-31486)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Asianux Server 8.9 Release Notes linked from the References section.
CVE-2023-31486
HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.
Solution:
Update packages.
CVEs:
CVE-2023-31486
HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.
HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.
Additional Info:
N/A
Download:
SRPMS
- perl-HTTP-Tiny-0.074-2.el8.src.rpm
MD5: 5e0c842987a59c39033817df8757d4f8
SHA-256: adbd7df0447f34c2b77bd8935797f6dacc49cb7b6ec9056112c087ac4220429d
Size: 90.62 kB
Asianux Server 8 for x86_64
- perl-HTTP-Tiny-0.074-2.el8.noarch.rpm
MD5: 8ae0c4ee6002ee3ea95aa573615568f2
SHA-256: ea7d4f276762b906bccbeaa3a883b31d77392f67c626d5993121740218d07056
Size: 57.26 kB
日本語