libcatalyst-authentication-credential-http-perl

general

source: libcatalyst-authentication-credential-http-perl (main)
version: 1.018-4
maintainer: Debian Perl Group (archive) (DMD) (LowNMU)
uploaders: Jonas Smedegaard [DMD]
arch: all
std-ver: 4.7.2
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.018-1
oldstable: 1.018-2
stable: 1.018-3
testing: 1.018-4
unstable: 1.018-4

versioned links

1.018-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.018-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.018-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.018-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libcatalyst-authentication-credential-http-perl

action needed

A new upstream version is available: 1.019 high

A new upstream version 1.019 is available, you should consider packaging it.

Created: 2025-08-24 Last update: 2025-09-24 07:02

1 new commit since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit 49d44c8e6c3c15177de64f74c2a736489ab281c0
Author: Alexandre Detiste <alexandre.detiste@gmail.com>
Date:   Sun Sep 21 22:02:02 2025 +0200

    refresh copyright-check

Created: 2025-09-21 Last update: 2025-09-21 22:04

1 low-priority security issue in trixie low

There is 1 open security issue in trixie.

1 issue left for the package maintainer to handle:

CVE-2025-40920: (needs triaging) Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. * Data::UUID does not use a strong cryptographic source for generating UUIDs. * Data::UUID returns v3 UUIDs, which are generated from known information and are unsuitable for security, as per RFC 9562. * The nonces should be generated from a strong cryptographic source, as per RFC 7616.

You can find information about how to handle this issue in the security team's documentation.

Created: 2025-08-12 Last update: 2025-08-29 06:04

1 low-priority security issue in bookworm low

There is 1 open security issue in bookworm.

1 issue left for the package maintainer to handle:

CVE-2025-40920: (needs triaging) Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. * Data::UUID does not use a strong cryptographic source for generating UUIDs. * Data::UUID returns v3 UUIDs, which are generated from known information and are unsuitable for security, as per RFC 9562. * The nonces should be generated from a strong cryptographic source, as per RFC 7616.

You can find information about how to handle this issue in the security team's documentation.

Created: 2025-08-12 Last update: 2025-08-29 06:04

news

[rss feed]

[2025-08-17] libcatalyst-authentication-credential-http-perl 1.018-4 MIGRATED to testing (Debian testing watch)
[2025-08-12] Accepted libcatalyst-authentication-credential-http-perl 1.018-4 (source) into unstable (gregor herrmann)
[2024-03-11] libcatalyst-authentication-credential-http-perl 1.018-3 MIGRATED to testing (Debian testing watch)
[2024-03-04] Accepted libcatalyst-authentication-credential-http-perl 1.018-3 (source) into unstable (gregor herrmann)
[2022-06-12] libcatalyst-authentication-credential-http-perl 1.018-2 MIGRATED to testing (Debian testing watch)
[2022-06-09] Accepted libcatalyst-authentication-credential-http-perl 1.018-2 (source) into unstable (Jelmer Vernooĳ) (signed by: Jelmer Vernooij)
[2017-10-29] libcatalyst-authentication-credential-http-perl 1.018-1 MIGRATED to testing (Debian testing watch)
[2017-10-23] Accepted libcatalyst-authentication-credential-http-perl 1.018-1 (source) into unstable (Damyan Ivanov)
[2017-08-08] libcatalyst-authentication-credential-http-perl 1.016-3 MIGRATED to testing (Debian testing watch)
[2017-08-02] Accepted libcatalyst-authentication-credential-http-perl 1.016-3 (source) into unstable (gregor herrmann)
[2014-12-18] libcatalyst-authentication-credential-http-perl 1.016-2 MIGRATED to testing (Britney)
[2014-11-04] Accepted libcatalyst-authentication-credential-http-perl 1.016-2 (source all) into unstable (Jonas Smedegaard)
[2013-08-13] libcatalyst-authentication-credential-http-perl 1.016-1 MIGRATED to testing (Debian testing watch)
[2013-08-02] Accepted libcatalyst-authentication-credential-http-perl 1.016-1 (source all) (Jonas Smedegaard)
[2013-07-31] libcatalyst-authentication-credential-http-perl 1.015-2 MIGRATED to testing (Debian testing watch)
[2013-07-20] Accepted libcatalyst-authentication-credential-http-perl 1.015-2 (source all) (Jonas Smedegaard)
[2013-05-05] libcatalyst-authentication-credential-http-perl 1.015-1 MIGRATED to testing (Debian testing watch)
[2012-08-08] Accepted libcatalyst-authentication-credential-http-perl 1.015-1 (source all) (Jonas Smedegaard)
[2012-06-18] libcatalyst-authentication-credential-http-perl 1.014-1 MIGRATED to testing (Debian testing watch)
[2012-06-07] Accepted libcatalyst-authentication-credential-http-perl 1.014-1 (source all) (Jonas Smedegaard)

bugs [bug history graph]

all: 0

links

homepage
lintian
buildd: logs, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debian patches
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.018-4