perl-HTTP-Tiny-0.033-3.0.1.el7.AXS7
エラータID: AXSA:2025-10975:01
Release date:
Sunday, October 19, 2025 - 10:49
Subject:
perl-HTTP-Tiny-0.033-3.0.1.el7.AXS7
Affected Channels:
Asianux Server 7 for x86_64
Severity:
High
Description:
This is a very simple HTTP/1.1 client, designed for doing simple GET requests
without the overhead of a large framework like LWP::UserAgent.
It is more correct and more complete than HTTP::Lite. It supports proxies
(currently only non-authenticating ones) and redirection. It also correctly
resumes after EINTR.
Security Fix(es):
* CVE-2023-31486: fix insecure default TLS configuration
* Enable automated tests during build
CVE(s):
CVE-2023-31486
HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.
Solution:
Update packages.
CVEs:
CVE-2023-31486
HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.
HTTP::Tiny before 0.083, a Perl core module since 5.13.9 and available standalone on CPAN, has an insecure default TLS configuration where users must opt in to verify certificates.
Additional Info:
N/A
Download:
Asianux Server 7 for x86_64
- perl-HTTP-Tiny-0.033-3.0.1.el7.AXS7.noarch.rpm
MD5: bf787df18b2e490ba21726963ce2b5b5
SHA-256: 52308a89d3558d98379db15918cb8644a4523e96bd712bb9a6f6843d50267e41
Size: 37.96 kB