I guess nobody told cpansec that the ports tree is locked. When it's not. https://lists.security.metacpan.org/cve-announce/msg/39426182/ https://metacpan.org/dist/Starman/changes 0.4018 2026-04-27 12:29:41 PDT - Fix HTTP request smuggling: Transfer-Encoding now takes precedence over Content-Length per RFC 7230 §3.3.3 (CVE-2026-40560) Index: Makefile =================================================================== RCS file: /cvs/ports/www/p5-Starman/Makefile,v diff -u -p -r1.13 Makefile --- Makefile 20 Dec 2025 06:52:08 -0000 1.13 +++ Makefile 29 Apr 2026 00:24:19 -0000 @@ -2,7 +2,7 @@ COMMENT = high-performance preforking P MODULES = cpan PKG_ARCH = * -DISTNAME = Starman-0.4017 +DISTNAME = Starman-0.4018 CATEGORIES = www MAINTAINER = Abel Abraham Camarillo Ojeda <acamari@verlet.org> Index: distinfo =================================================================== RCS file: /cvs/ports/www/p5-Starman/distinfo,v diff -u -p -r1.5 distinfo --- distinfo 20 Dec 2025 06:52:08 -0000 1.5 +++ distinfo 29 Apr 2026 00:24:19 -0000 @@ -1,2 +1,2 @@ -SHA256 (Starman-0.4017.tar.gz) = b/q5FfMj9gCJ4+v4Urm5cH1pFyZt+K/XNw+sBL/f7k4= -SIZE (Starman-0.4017.tar.gz) = 32568 +SHA256 (Starman-0.4018.tar.gz) = bY2yl9hRFB+k/3dI3/BVG+K6j5pELtnKrGRNvMmjbt0= +SIZE (Starman-0.4018.tar.gz) = 33079
No comments:
Post a Comment