mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-03-02 05:19:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
9f2ecf7157ed7f56d9f1870a99e527f90e78b708
poky/meta/recipes-devtools/perl/files/CVE-2023-31484.patch
Soumya 875400f96f perl: fix CVE-2023-31484 
CPAN.pm before 2.35 does not verify TLS certificates when downloading
distributions over HTTPS.

(From OE-Core rev: b093db144b35e7c140ac830dbe67cabfaac69f73)

Signed-off-by: Soumya <soumya.sambu@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-06-14 04:16:59 -10:00

30 lines
890 B
Diff
Raw Blame History

From a625ec2cc3a0b6116c1f8b831d3480deb621c245 Mon Sep 17 00:00:00 2001
From: Stig Palmquist <git@stig.io>
Date: Tue, 28 Feb 2023 11:54:06 +0100
Subject: [PATCH] Add verify_SSL=>1 to HTTP::Tiny to verify https server
identity
Upstream-Status: Backport [https://github.com/andk/cpanpm/commit/9c98370287f4e709924aee7c58ef21c85289a7f0]
CVE: CVE-2023-31484
Signed-off-by: Soumya <soumya.sambu@windriver.com>
---
cpan/CPAN/lib/CPAN/HTTP/Client.pm | 1 +
1 file changed, 1 insertion(+)
diff --git a/cpan/CPAN/lib/CPAN/HTTP/Client.pm b/cpan/CPAN/lib/CPAN/HTTP/Client.pm
index 4fc792c..a616fee 100644
--- a/cpan/CPAN/lib/CPAN/HTTP/Client.pm
+++ b/cpan/CPAN/lib/CPAN/HTTP/Client.pm
@@ -32,6 +32,7 @@ sub mirror {
my $want_proxy = $self->_want_proxy($uri);
my $http = HTTP::Tiny->new(
+ verify_SSL => 1,
$want_proxy ? (proxy => $self->{proxy}) : ()
);
--
2.40.0
Reference in New Issue View Git Blame Copy Permalink