CVE-2024-56406 was announced on oss-security yesterday and affects perl versions:
from 5.41.0 through 5.41.10 from 5.39.0 before 5.40.2-RC1 from 5.33.1 before 5.38.4-RC1 Still, there are no updates for lang/perl5.36, 38 or 40. I tried building 5.40.2 using a ports overlay tree, but it doesn’t work. Ports that depend on perl5 use PERL_VERSION= 5.40.1 even if I update version.mk. I assume it’s because it’s in an overlay. I checked bugzilla, found no PR. Does anybody know if an update is being worked on? .einar
