Read: https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/
I have not had time to investigate deeply, posting here so the info is not lost. I have already fixed one issue related to perl-data-validate- ip in 8ec03ed5475ca7919a7d11541ff8cbf33a9ffe67, but it seems there's several others. One as CVE recently: CVE-2021-29424 18:15 The Net::Netmask module before 2.0000 for Perl does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses. Can't find a corresponding package in GNU Guix. To be continued! Léo
signature.asc
Description: This is a digitally signed message part
