Skip to content

Commit

Permalink
data update for 2024-12-19 (adds CVE-2018-25107)
Browse files Browse the repository at this point in the history
  • Loading branch information
@briandfoy
briandfoy committed Dec 29, 2024
1 parent 98804cc commit d2d5d57
Show file tree
Hide file tree
Showing 8 changed files with 62 additions and 58 deletions.
2 changes: 1 addition & 1 deletion cpan-security-advisory.json
View file

Large diffs are not rendered by default.

26 changes: 13 additions & 13 deletions cpan-security-advisory.json.gpg
View file
Original file line number Diff line number Diff line change
@@ -1,16 +1,16 @@
-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEdaq0LLoNfzfw1oht+D+NXoeLYEEFAmdvccAACgkQ+D+NXoeL
YEHDFQ/8DxtWTgxLYm/sKc+ooEiiWjOy352iQM2w7z8/42sy9S5dRtuD0k47TFVf
ZgOQtw/lBp9j+PSjcD5RLRiMXvPXTwx93F0iH2VP6dMfyXpKlTevVu7aefleMsaI
jDHjxykEySQsB/bhnasVnuhOv9JYQhESEes1/KvBp9imY6IL3cOkFAbcQ2tkuQku
iCZh+f4WfCWnM+XoIBmhxTXtRzW42TUGuZ7Q6Xs9tn1BO9AgFh8hjosfehZZOe3I
lizJYdD98Ni3bRitCrbh7oOw7lCrwTCDqIUyZCyzfDe+bBaRV2lPt2ftc3ts/JEK
EnvHKu0dOX0fmjSx62iTnX68EyDtuNbbeG52cXRH5f70DjReYsFUMsRK8mSthgkr
nl8mcluP3oBkeg5jySBopySOjhc+otq+tBhqP8j9pYEZe0Ofd6N0EEtfI/Fskc0U
W1g6xCrsg9O2Los19f73id4A4KGGkleHsbKKutxsXXhbrrqjcQSCW5ILJ2WbVsN6
bIcY68YcV8lckSNXFzyeWVsCf+EOQqORSl3adWJ4GtOOkKz9nxcuW5B7jH1/OBVa
f3U8ApWmw+F4tdPJJnGG+udradDkK4PToxfpD5zYDkdMNsk+gErzAjY6b4XXmoFK
T9XHbWIzfwuCh7DydOgvbR48Kf0Fe7IFRVw9CibU4R03eU+M8Gc=
=h7gb
iQIzBAABCAAdFiEEdaq0LLoNfzfw1oht+D+NXoeLYEEFAmdx4ZUACgkQ+D+NXoeL
YEFV1BAAkvAgK3IArcS0iurYNnzZYiM4eVYyZ6h+r2Ui9CrpHlW82yF2PcS6RLCZ
BCVwmJyCN8xUKDK+nN/VHQqLLvfvR5vJPCVcOz2MiUC2jX8Nwd8s5DrrR3wL7jbz
lDKaf/y9x6pxw4/w0DpZvGleRGditwuuEVX7rg7yxicqoQeeB3XMzJFA55hCKOg4
B6RWf9KEUe0q5pRgYugEnhy/ENUElvgYOQvN31G5bCxxg2aeBfasmRTPlJUy9JzT
ZV0VZSxgT0HqRH/h4dWr0FjdqiSN5c3Qj+aCZgh9mNqjzFNbV1kLfWFLVZz9L9yG
2Z7jedqWlXIvAImuyySoNFSgb2lfe17UHby50XbhgXWy2/ciVhlP+zajMSqR3ddT
taa3dyMvGAtU1UBT+4zwjBMiJhMuU6M4tzbnF5L7Ia+U+D0YDotN4mHEcbP8lK9c
COzx1oxju/co9wlbLWCMPX0SHKJOFadj/om6jCUdJcrggLlkzqellePaCz68Hk2Z
x/KFZsIv6m+tI4pzq8MuxW//IvjAMbl5GwYFG33G+S6ulWYCB0NctTng9/P/GoTV
+J3anVBNxszRG2tbTzQBW/0T0xb1U54P+fks80kNe2+jfb2Qm3kowPuOiEJHJDDA
VCM2VEcATqIHSalG4EdjKHRzhu4V3b0ZXkWiJHkeZtlqrtZnoZk=
=7OCT
-----END PGP SIGNATURE-----
16 changes: 9 additions & 7 deletions lib/CPAN/Audit/DB.pm
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# created by util/generate at Sat Dec 28 03:34:23 2024
# https://github.com/briandfoy/cpan-security-advisory.git 5f4b5d79ffbef3b175267c9a96c01bf81d6e5112
# created by util/generate at Sun Dec 29 23:56:04 2024
# https://github.com/briandfoy/cpan-security-advisory.git 98804cc6813edfbff6464c6eda8c27f18242f4c4

=encoding utf8

Expand Down Expand Up @@ -82,7 +82,7 @@ package CPAN::Audit::DB;
use strict;
use warnings;

our $VERSION = '20241227.001';
our $VERSION = '20241229.001';

sub db {
{
Expand Down Expand Up @@ -14583,7 +14583,9 @@ sub db {
'affected_versions' => [
'<=0.12'
],
'cves' => [],
'cves' => [
'CVE-2018-25107'
],
'description' => 'In versions prior to 0.13, rand could be used as a result of calling get_weak, or get, if no random device was available. This implies that not explicitly asking for get_strong on a non POSIX operating system (e.g. Win32 without the Win32 backend) could have resulted in non cryptographically random data.
',
'distribution' => 'Crypt-Random-Source',
Expand Down Expand Up @@ -70736,9 +70738,9 @@ An attacker with limited privileges can exploit this behavior by placing cmd.exe
}
},
'meta' => {
'commit' => '5f4b5d79ffbef3b175267c9a96c01bf81d6e5112',
'date' => 'Sat Dec 28 03:34:23 2024',
'epoch' => 1735356863,
'commit' => '98804cc6813edfbff6464c6eda8c27f18242f4c4',
'date' => 'Sun Dec 29 23:56:04 2024',
'epoch' => 1735516564,
'generator' => 'util/generate',
'repo' => 'https://github.com/briandfoy/cpan-security-advisory.git'
},
Expand Down
26 changes: 13 additions & 13 deletions lib/CPAN/Audit/DB.pm.gpg
View file
Original file line number Diff line number Diff line change
@@ -1,16 +1,16 @@
-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEdaq0LLoNfzfw1oht+D+NXoeLYEEFAmdvcb8ACgkQ+D+NXoeL
YEFT8Q/9EKu1tScFnoO5S1yWRGFsdaqLpPFenfi+XWo5yogxhJSrEu2B6kXfrlKG
j1daExtBfUisBHIetvQr6ekrzy4/xJUYZ0AqaZ1T1mgrohCBTIVnfKlrSj2icmT0
STruVUWOOmkb+CubfrgHzeLez2NyZhPcpsuboSHPJD3xQ140F4PGZ1FHXoQ27Zg8
6jx/Gf+SulMJibIOEzwjlyUXT1Uck+46sJPd9YVoSQ4fTedmanXCBkQ6rbG4r8S/
+qqXsknn0EPXBobkyJKVfph+bdnbMEzuZ1bUWedQJbIFbc7iqsnUkGJaHY0rUJbO
g8Vh7Vg8mazhc324rbHDwv3WT7NmnzygHwVes8mOwq5LcXAWjuYWHOvIUU5KiBf1
QgVocORLdSA1WxEdBji8BU4DwKZRa/MERjmBkYNrmGGtLmjaU5MhMwgfWNQ3TyN7
vIlw8TXtkwSEczdB9zcDvt/1C+OcEMU1JgnC2ZppL1viDFPVz2X8Nd8AJZtP879M
SveQ1nFi2fU0r/mLbvhaWhyauVu4LfXEg3U3YPBlFJWDJjFVfnKzzccVAUqTkev6
HLere61vvvgdmX5b2U1s8iHH+JksAOOFi+sBHS9nRGdxZqGsO8f70ooIJTmzlwuy
pf8K081yLavxpq8ka+kuSaWYFil0RLN76e+q6B3K+EIy1XlhU7Y=
=kJmA
iQIzBAABCAAdFiEEdaq0LLoNfzfw1oht+D+NXoeLYEEFAmdx4ZQACgkQ+D+NXoeL
YEFW7A/9EatbdibwmfS1dH0vOyDjcST5iwDnukzjY8YxyvOiuTcsgvcXxK447pkb
dlTxVpiQ4pexwtfe6Cst1M08hOXSPH/georUgUiAxeaepgS5f6o/IZF7YYKH4Qj4
HFWc1X9tvu+wXpHUxqDDSvAmTVjpogMNg5yW/6o5az3tkqTAZUJnv5DlGeGPyDEP
aglyutio3zCSjH1dpNvqv2ZHzMARQDsqBBYEGjDptpZEZ4jFFteyieAtB/lhQKPC
xSeySysIB7ETy7NBeHDTgPTcCpU8tbPrsCsvZPSd+N07A4hzTqXVBWDFgXNWD01M
V89f+i9IECi/XGgI/UKQYwlYWb68nQFDhEgOMWaqJ+rW2my1mZfEN4LV1AzfhP5q
FnXoVNBMhcSfhCT2yUQvtM1pYi14zmBZRF74Iy+2DpT8GTeOcGSXiyMqy+KEECUK
lCjQJWFwe1tdk0FP4Q1hHED6VnVkjz3WAd7//dydUjF3wxVKMkQbTfBRxBkXo5F5
FSKIx6mlFWE94sEh0jXPKjahxv7w88iCoM41XTqWtzEqY/Eq8qTMFA7Sr0BlrWFS
j3zriqeAYSdOzUXvuZrbZrpywiBXIIwB8AJgInnRoFVXn4FMfU/0fhKOalwaL58g
/Jro/JDXrXF3u7z0ax/lr9wyNsJeE5ZkGoPJGtWRPCFG4Y+jidY=
=cLVz
-----END PGP SIGNATURE-----
4 changes: 2 additions & 2 deletions lib/CPAN/Audit/DB.pod
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# created by util/generate at Sat Dec 28 03:34:23 2024
# https://github.com/briandfoy/cpan-security-advisory.git 5f4b5d79ffbef3b175267c9a96c01bf81d6e5112
# created by util/generate at Sun Dec 29 23:56:04 2024
# https://github.com/briandfoy/cpan-security-advisory.git 98804cc6813edfbff6464c6eda8c27f18242f4c4

=encoding utf8

Expand Down
16 changes: 9 additions & 7 deletions lib/CPANSA/DB.pm
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# created by util/generate at Sat Dec 28 03:34:24 2024
# https://github.com/briandfoy/cpan-security-advisory.git 5f4b5d79ffbef3b175267c9a96c01bf81d6e5112
# created by util/generate at Sun Dec 29 23:56:05 2024
# https://github.com/briandfoy/cpan-security-advisory.git 98804cc6813edfbff6464c6eda8c27f18242f4c4

=encoding utf8

Expand Down Expand Up @@ -82,7 +82,7 @@ package CPANSA::DB;
use strict;
use warnings;

our $VERSION = '20241227.001';
our $VERSION = '20241229.001';

sub db {
{
Expand Down Expand Up @@ -14583,7 +14583,9 @@ sub db {
'affected_versions' => [
'<=0.12'
],
'cves' => [],
'cves' => [
'CVE-2018-25107'
],
'description' => 'In versions prior to 0.13, rand could be used as a result of calling get_weak, or get, if no random device was available. This implies that not explicitly asking for get_strong on a non POSIX operating system (e.g. Win32 without the Win32 backend) could have resulted in non cryptographically random data.
',
'distribution' => 'Crypt-Random-Source',
Expand Down Expand Up @@ -70736,9 +70738,9 @@ An attacker with limited privileges can exploit this behavior by placing cmd.exe
}
},
'meta' => {
'commit' => '5f4b5d79ffbef3b175267c9a96c01bf81d6e5112',
'date' => 'Sat Dec 28 03:34:23 2024',
'epoch' => 1735356863,
'commit' => '98804cc6813edfbff6464c6eda8c27f18242f4c4',
'date' => 'Sun Dec 29 23:56:04 2024',
'epoch' => 1735516564,
'generator' => 'util/generate',
'repo' => 'https://github.com/briandfoy/cpan-security-advisory.git'
},
Expand Down
26 changes: 13 additions & 13 deletions lib/CPANSA/DB.pm.gpg
View file
Original file line number Diff line number Diff line change
@@ -1,16 +1,16 @@
-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEdaq0LLoNfzfw1oht+D+NXoeLYEEFAmdvccAACgkQ+D+NXoeL
YEGd2Q/+K+ZegD+ySR1KkQPwa6CzORUJBBVKnlRJGHUCX7vdTr0gmcufAz10Zvk1
Kl3rCRoGfo2KqLW04IaehCr1hU4/LWD8mKGXfwbZh9nl9L1Gd34BfclD4KVk6kLo
m+Nq123ggLoxc92Qwv4DfOZp4yn37ixV7dv/2NM3ojlMEVO6SaRFSVBOTTfNJEXi
KFLzVkYHdY1dXkX7PwQg8LX1fa4CQ5Jq7mFP/LB7uRmmYIg2ySfg64VRDevdLWTS
3JHzrMSCCwywMghwWB5m0F1OgkA98QZ01KpPU4795XbIIfW8BRnq3OwkZiJEZSgE
DVgC/nl9bOEHV3NN0sg4nOQ316KhObX6HRWFkHk6FA6cQtCm+PMTdJRYMdsHP+zT
Z5mps1kLHH2ce9gwCY3LH456vHR6z9ZmuelEwt7ueHxktgGN/2NDqHGiuqKUchVD
azUUBcNUD4Ke3H8FvAyow9O82tfrWTeLXm3pgGHZ+AQcbMvrxqOWWh6gyyedAd8X
5/A1Fa8GWPUE5LYwFP0qjEWUzolivameIsI8pcFQLU6+yu7FNEEv/ktOtqECdVWz
U98Xr6Wc5QD7j9Hg27LvHScwJZCwDiqnj00WSipcst27oQj3xpXMzqWRIptbY6Fd
oJyRmBTfurBkPMPgxAbDFgKYMOqqm1g7o6YIqgKWNiSel553fMs=
=5+Er
iQIzBAABCAAdFiEEdaq0LLoNfzfw1oht+D+NXoeLYEEFAmdx4ZUACgkQ+D+NXoeL
YEEyCg//W3ThUQ0HbMcEIOy54N6FDpm6lSLbkRZpuR7Ti2d+yt8YEhYh3LZEw9p8
2N7RWUwyKSZgKsP/VzFa1okUR2omHwVV2L/VeP+YhNfMbspa9Iwyx3PJD7mjX9JI
JnjqFtzrofwfjkzleL/DkF9TycL/c6svIPkgYJ0sI3LPEJVO6fc7ZZiko90H2B2a
Jz+grc3dQPjhFqUimOqFy17Hgi5SBC0HcXqGPb8QGFhWmwFk7JkKQ66GCFrjk/PF
99JEwIKx5+xguTpou/QF0nm3W2DQq2cLJqE27jwFwGtD3b387u0FMxuaXk9dQyDe
rQSP+FOn5bTgBVGJfJkqU59UAOzSd9b26KWpB7msXBgJ71P67Mx+xMCoOh5t8pJQ
1DbnUmd3T2qaqco8xlaMlTftuUCEgP2FWX0siVR2sVflHQPTIUm/wsTzZCeF6amM
46MkNOW2Oq8R6GYkPXqibzi1RQS4nw3zYMuRY+PMsZtWrl4I+dvX8N5QV1XNINuj
u58KU33xjy4WXu+pMNKfPCLwQoHJ3k6QzNAma9CLdxe7cWgC0jB1NjXJ7981PQJF
k87SymR2q3R82RWhnDbKfdgiO5qay6XJpO6SXbVz+x3IO8tOzHP17Py1/UOtv+pD
ei81EMj1iqB3XaWOwMQlCN0Os/lqZDi2Uin0XPUjsEuWX1TARwA=
=SYl5
-----END PGP SIGNATURE-----
4 changes: 2 additions & 2 deletions lib/CPANSA/DB.pod
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# created by util/generate at Sat Dec 28 03:34:24 2024
# https://github.com/briandfoy/cpan-security-advisory.git 5f4b5d79ffbef3b175267c9a96c01bf81d6e5112
# created by util/generate at Sun Dec 29 23:56:05 2024
# https://github.com/briandfoy/cpan-security-advisory.git 98804cc6813edfbff6464c6eda8c27f18242f4c4

=encoding utf8

Expand Down

0 comments on commit d2d5d57

Please sign in to comment.