Data update (POSIX::2008 briandfoy/cpan-security-advisory#154)

briandfoy · Jun 15, 2024 · 24e2c9f · 24e2c9f
1 parent ccb0d0f
commit 24e2c9f
Show file tree

Hide file tree

Showing 4 changed files with 218 additions and 18 deletions.
diff --git a/cpan-security-advisory b/cpan-security-advisory
diff --git a/lib/CPAN/Audit.pm b/lib/CPAN/Audit.pm
@@ -14,7 +14,7 @@ use CPAN::Audit::Version;
 use CPAN::Audit::Query;
 use CPAN::Audit::DB;
 
-our $VERSION = '20240601.001';
+our $VERSION = '20240615.001';
 
 sub new {
 	my( $class, %params ) = @_;

diff --git a/lib/CPAN/Audit/DB.pm b/lib/CPAN/Audit/DB.pm
@@ -1,12 +1,12 @@
-# created by util/generate at Sat Jun  1 16:14:49 2024
-# cpan-security-advisory 37c93d1820eafc4fc2cc9745262d0cc8306da21d
+# created by util/generate at Sat Jun 15 01:27:04 2024
+# cpan-security-advisory +937e2f9cdcc4a90c53363b9981f96d82f3c2990b
 #
 package CPAN::Audit::DB;
 
 use strict;
 use warnings;
 
-our $VERSION = '20240601.001';
+our $VERSION = '20240615.001';
 
 sub db {
 	{
@@ -4710,6 +4710,10 @@ sub db {
                                                   {
                                                     'date' => '2024-03-18T12:10:48',
                                                     'version' => '4.64'
+                                                  },
+                                                  {
+                                                    'date' => '2024-06-04T15:15:17',
+                                                    'version' => '4.65'
                                                   }
                                                 ]
                                 },
@@ -18361,6 +18365,10 @@ sub db {
                                                         {
                                                           'date' => '2024-05-01T09:04:33',
                                                           'version' => '5.005'
+                                                        },
+                                                        {
+                                                          'date' => '2024-06-04T19:59:44',
+                                                          'version' => '5.006'
                                                         }
                                                       ]
                                       },
@@ -36728,6 +36736,18 @@ sub db {
                                                      {
                                                        'date' => '2024-04-27T01:24:42',
                                                        'version' => '1.024_005'
+                                                     },
+                                                     {
+                                                       'date' => '2024-06-11T11:35:22',
+                                                       'version' => '1.024_006'
+                                                     },
+                                                     {
+                                                       'date' => '2024-06-12T09:58:08',
+                                                       'version' => '1.024_007'
+                                                     },
+                                                     {
+                                                       'date' => '2024-06-13T10:45:14',
+                                                       'version' => '1.024_008'
                                                      }
                                                    ]
                                    },
@@ -37328,6 +37348,38 @@ sub db {
                                                    {
                                                      'date' => '2022-05-09T21:07:41',
                                                      'version' => '1.06'
+                                                   },
+                                                   {
+                                                     'date' => '2024-06-02T18:49:17',
+                                                     'version' => '1.07'
+                                                   },
+                                                   {
+                                                     'date' => '2024-06-05T19:57:13',
+                                                     'version' => '1.10_01'
+                                                   },
+                                                   {
+                                                     'date' => '2024-06-08T19:49:17',
+                                                     'version' => '2.00_01'
+                                                   },
+                                                   {
+                                                     'date' => '2024-06-09T13:06:47',
+                                                     'version' => '2.00_02'
+                                                   },
+                                                   {
+                                                     'date' => '2024-06-09T15:41:33',
+                                                     'version' => '2.00_03'
+                                                   },
+                                                   {
+                                                     'date' => '2024-06-09T20:00:29',
+                                                     'version' => '2.00_04'
+                                                   },
+                                                   {
+                                                     'date' => '2024-06-10T07:25:19',
+                                                     'version' => '2.00_05'
+                                                   },
+                                                   {
+                                                     'date' => '2024-06-10T15:39:47',
+                                                     'version' => '2.00'
                                                    }
                                                  ]
                                  },
@@ -49103,6 +49155,10 @@ sub db {
                                                       {
                                                         'date' => '2023-12-10T00:23:20',
                                                         'version' => '0.22'
+                                                      },
+                                                      {
+                                                        'date' => '2024-06-08T13:42:18',
+                                                        'version' => '0.23'
                                                       }
                                                     ]
                                     },
@@ -51403,6 +51459,139 @@ sub db {
                                                                 }
                                                               ]
                                               },
+                       'POSIX-2008' => {
+                                         'advisories' => [
+                                                           {
+                                                             'affected_versions' => '<0.24',
+                                                             'cves' => [],
+                                                             'description' => 'POSIX::2008\'s implementation of readlink() and readlinkat(). The underlying syscalls do not add any null terminator byte at the end of the output buffer, but _readlink50c() in 2008.XS also fails to add a null terminator before returning the result string to perl. This results in arbitrary memory contents being visible in the result returned to perl code by readlink() and readlinkat(). At the very least, this causes failures in any downstream code that attempts to access whatever filename (plus the erroneous garbage) was linked to.
+',
+                                                             'distribution' => 'POSIX-2008',
+                                                             'fixed_versions' => '>=0.24',
+                                                             'id' => 'CPANSA-POSIX-2008-001',
+                                                             'references' => [
+                                                                               'https://rt.cpan.org/Public/Bug/Display.html?id=96644'
+                                                                             ],
+                                                             'reported' => undef,
+                                                             'severity' => undef
+                                                           }
+                                                         ],
+                                         'main_module' => 'POSIX::2008',
+                                         'versions' => [
+                                                         {
+                                                           'date' => '2013-09-13T17:14:53',
+                                                           'version' => '0.01'
+                                                         },
+                                                         {
+                                                           'date' => '2013-09-14T16:20:56',
+                                                           'version' => '0.02'
+                                                         },
+                                                         {
+                                                           'date' => '2013-09-16T09:32:15',
+                                                           'version' => '0.03'
+                                                         },
+                                                         {
+                                                           'date' => '2015-05-25T13:51:17',
+                                                           'version' => '0.04'
+                                                         },
+                                                         {
+                                                           'date' => '2017-08-25T20:52:28',
+                                                           'version' => '0.05'
+                                                         },
+                                                         {
+                                                           'date' => '2017-08-26T17:21:09',
+                                                           'version' => '0.06'
+                                                         },
+                                                         {
+                                                           'date' => '2017-08-27T14:55:54',
+                                                           'version' => '0.07'
+                                                         },
+                                                         {
+                                                           'date' => '2017-08-31T18:14:24',
+                                                           'version' => '0.08'
+                                                         },
+                                                         {
+                                                           'date' => '2017-09-01T10:14:04',
+                                                           'version' => '0.09'
+                                                         },
+                                                         {
+                                                           'date' => '2017-09-02T09:15:21',
+                                                           'version' => '0.10'
+                                                         },
+                                                         {
+                                                           'date' => '2017-09-02T13:11:19',
+                                                           'version' => '0.11'
+                                                         },
+                                                         {
+                                                           'date' => '2017-09-03T20:02:26',
+                                                           'version' => '0.12'
+                                                         },
+                                                         {
+                                                           'date' => '2017-09-08T11:50:51',
+                                                           'version' => '0.13'
+                                                         },
+                                                         {
+                                                           'date' => '2017-09-09T18:04:53',
+                                                           'version' => '0.14'
+                                                         },
+                                                         {
+                                                           'date' => '2017-09-10T12:50:52',
+                                                           'version' => '0.15'
+                                                         },
+                                                         {
+                                                           'date' => '2017-09-15T14:59:53',
+                                                           'version' => '0.16'
+                                                         },
+                                                         {
+                                                           'date' => '2023-06-01T13:51:43',
+                                                           'version' => '0.18'
+                                                         },
+                                                         {
+                                                           'date' => '2023-07-07T13:52:59',
+                                                           'version' => '0.19'
+                                                         },
+                                                         {
+                                                           'date' => '2023-07-08T12:09:34',
+                                                           'version' => '0.20_01'
+                                                         },
+                                                         {
+                                                           'date' => '2023-07-09T08:25:58',
+                                                           'version' => '0.20_02'
+                                                         },
+                                                         {
+                                                           'date' => '2023-07-11T15:26:35',
+                                                           'version' => '0.20_03'
+                                                         },
+                                                         {
+                                                           'date' => '2023-07-12T17:47:09',
+                                                           'version' => '0.20_04'
+                                                         },
+                                                         {
+                                                           'date' => '2023-07-13T17:26:29',
+                                                           'version' => '0.20_05'
+                                                         },
+                                                         {
+                                                           'date' => '2023-07-14T15:57:30',
+                                                           'version' => '0.20'
+                                                         },
+                                                         {
+                                                           'date' => '2023-11-16T19:54:40',
+                                                           'version' => '0.21'
+                                                         },
+                                                         {
+                                                           'date' => '2024-01-26T16:30:56',
+                                                           'version' => '0.22'
+                                                         },
+                                                         {
+                                                           'date' => '2024-01-27T15:34:00',
+                                                           'version' => '0.23'
+                                                         },
+                                                         {
+                                                           'date' => '2024-06-14T12:10:38',
+                                                           'version' => '0.24'
+                                                         }
+                                                       ]
+                                       },
                        'Parallel-ForkManager' => {
                                                    'advisories' => [
                                                                      {
@@ -66841,6 +67030,14 @@ sub db {
                                                    {
                                                      'date' => '2024-05-24T20:45:21',
                                                      'version' => '5.040000'
+                                                   },
+                                                   {
+                                                     'date' => '2024-06-04T21:47:57',
+                                                     'version' => '5.040000'
+                                                   },
+                                                   {
+                                                     'date' => '2024-06-09T20:45:37',
+                                                     'version' => '5.040000'
                                                    }
                                                  ]
                                  },
@@ -69423,9 +69620,11 @@ sub db {
                              'Kelp::Response' => 'Kelp',
                              'Kelp::Routes' => 'Kelp',
                              'Kelp::Routes::Controller' => 'Kelp',
+                             'Kelp::Routes::Location' => 'Kelp',
                              'Kelp::Routes::Pattern' => 'Kelp',
                              'Kelp::Template' => 'Kelp',
                              'Kelp::Test' => 'Kelp',
+                             'Kelp::Util' => 'Kelp',
                              'Kossy' => 'Kossy',
                              'Kossy::Assets' => 'Kossy',
                              'Kossy::BodyParser' => 'Kossy',
@@ -70531,6 +70730,7 @@ sub db {
                              'POE::Filter::IRC' => 'POE-Component-IRC',
                              'POE::Filter::IRC::Compat' => 'POE-Component-IRC',
                              'POSIX' => 'perl',
+                             'POSIX::2008' => 'POSIX-2008',
                              'POSIX::SigAction' => 'perl',
                              'POSIX::SigRt' => 'perl',
                              'POSIX::SigSet' => 'perl',