[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] Perl's HTTP::Tiny has insecure TLS cert default, affecting CPAN.pm and other modu
From: Christian Heinrich <christian.heinrich () cmlh ! id ! au>
Date: 2023-04-21 0:00:33
Message-ID: CAGKxTURUKjUkjXOKvT+MdYZTXyVQq6fQEj2tsxyXhXE+XxvVmw () mail ! gmail ! com
[Download RAW message or body]
Stig,
On Wed, 19 Apr 2023 at 01:24, Stig Palmquist <stig@stig.io> wrote:
> ... and more. We have generated a list of over 300 potentially affected
> CPAN distributions.
The responsibility for this fix is therefore with the maintainers of
the CPAN modules who accepted the residual risk as documented at
https://metacpan.org/pod/HTTP::Tiny#SSL-SUPPORT rather than HTTP:Tiny
itself.
--
Regards,
Christian Heinrich
http://cmlh.id.au/contact
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic