https://bugzilla.redhat.com/show_bug.cgi?id=2355244
Bug ID: 2355244
Summary: CVE-2025-27552 perl-DBIx-Class-EncodedColumn:
DBIx::Class::EncodedColumn until 0.00032 for Perl uses
insecure rand() function for salting password hashes
in Crypt/Eksblowfish/Bcrypt.pm [fedora-40]
Product: Fedora
Version: 40
Status: NEW
Whiteboard: {"flaws": ["c7185397-7db4-4534-a645-2ac875052cf1"]}
Component: perl-DBIx-Class-EncodedColumn
Keywords: Security, SecurityTracking
Severity: medium
Priority: medium
Assignee: jples...@redhat.com
Reporter: ahanw...@redhat.com
QA Contact: extras...@fedoraproject.org
CC: iarn...@gmail.com, jples...@redhat.com,
perl-devel@lists.fedoraproject.org
Blocks: 2355041
Target Milestone: ---
Classification: Fedora
More information about this security flaw is available in the following bug:
https://bugzilla.redhat.com/show_bug.cgi?id=2355041
Disclaimer: Community trackers are created by Red Hat Product Security team on
a best effort basis. Package maintainers are required to ascertain if the flaw
indeed affects their package, before starting the update process.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugzilla.redhat.com/show_bug.cgi?id=2355244
Report this comment as SPAM:
https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202355244%23c0
--
_______________________________________________
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
