Fedora Linux 8811 Published by

A perl-Net-CIDR-Lite security update has been released for Fedora 34.



SECURITY: Fedora 34 Update: perl-Net-CIDR-Lite-0.22-1.fc34


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-3393b2b19d
2021-04-24 20:00:51.077239
--------------------------------------------------------------------------------

Name : perl-Net-CIDR-Lite
Product : Fedora 34
Version : 0.22
Release : 1.fc34
URL :   https://metacpan.org/release/Net-CIDR-Lite
Summary : Perl extension for merging IPv4 or IPv6 CIDR addresses
Description :
Faster alternative to Net::CIDR when merging a large number of CIDR address
ranges. Works for IPv4 and IPv6 addresses.

--------------------------------------------------------------------------------
Update Information:

This update disallows use of IP addresses with leading zeroes in the octet
values, which could have been interpreted ambiguously as either octal or decimal
values.
--------------------------------------------------------------------------------
ChangeLog:

* Mon Apr 5 2021 Paul Howarth - 0.22-1
- Update to 0.22
- Security: IPv4 octets with leading zeroes are no longer allowed
  https://blog.urth.org/2021/03/29/security-issues-in-perl-ip-address-distros/
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-3393b2b19d' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys