On Tue, Apr 28, 2026 at 05:31:38PM -0700, Andrew Hewus Fresh wrote: > I guess nobody told cpansec that the ports tree is locked. > > When it's not. > > https://lists.security.metacpan.org/cve-announce/msg/39426182/ > > https://metacpan.org/dist/Starman/changes > 0.4018 2026-04-27 12:29:41 PDT > - Fix HTTP request smuggling: Transfer-Encoding now takes precedence > over Content-Length per RFC 7230 ?3.3.3 (CVE-2026-40560)
OK bluhm@ > Index: Makefile > =================================================================== > RCS file: /cvs/ports/www/p5-Starman/Makefile,v > diff -u -p -r1.13 Makefile > --- Makefile 20 Dec 2025 06:52:08 -0000 1.13 > +++ Makefile 29 Apr 2026 00:24:19 -0000 > @@ -2,7 +2,7 @@ COMMENT = high-performance preforking P > > MODULES = cpan > PKG_ARCH = * > -DISTNAME = Starman-0.4017 > +DISTNAME = Starman-0.4018 > CATEGORIES = www > MAINTAINER = Abel Abraham Camarillo Ojeda <[email protected]> > > Index: distinfo > =================================================================== > RCS file: /cvs/ports/www/p5-Starman/distinfo,v > diff -u -p -r1.5 distinfo > --- distinfo 20 Dec 2025 06:52:08 -0000 1.5 > +++ distinfo 29 Apr 2026 00:24:19 -0000 > @@ -1,2 +1,2 @@ > -SHA256 (Starman-0.4017.tar.gz) = b/q5FfMj9gCJ4+v4Urm5cH1pFyZt+K/XNw+sBL/f7k4= > -SIZE (Starman-0.4017.tar.gz) = 32568 > +SHA256 (Starman-0.4018.tar.gz) = bY2yl9hRFB+k/3dI3/BVG+K6j5pELtnKrGRNvMmjbt0= > +SIZE (Starman-0.4018.tar.gz) = 33079 > >
