Fedora has issued an advisory on March 28: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MATNG5VP46SXJB2JHAI2LXPUXCYUOYPE/
Source RPM: (none) => perl-Data-UUID-1.226.0-5.mga9.src.rpmCVE: (none) => CVE-2013-4184Status comment: (none) => Fixed upstream in 1.227
Thierry has just put 1.227 in Cauldron; assigning to you for M9.
Assignee: bugsquad => thierry.vignaud
Suggested advisory: ======================== The updated package fixes a security vulnerability: Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks. (CVE-2013-4184) References: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MATNG5VP46SXJB2JHAI2LXPUXCYUOYPE/ ======================== Updated package in core/updates_testing: ======================== perl-Data-UUID-1.227.0-1.mga9 from SRPM: perl-Data-UUID-1.227.0-1.mga9.src.rpm
Status comment: Fixed upstream in 1.227 => (none)Assignee: thierry.vignaud => qa-bugsStatus: NEW => ASSIGNED
Keywords: (none) => advisory
MGA9-64 Plasma Wayland on HP-Pavillion. No installation issues. No previous updates, so # urpmq --whatrequires perl-Data-UUID gscan2pdf gscan2pdf perl-CHI perl-DBIx-Class-UUIDColumns perl-Data-GUID and some more, so installed gscan2pdf and the sane stuff (gscan2pdf does not work without the latter) and run $ strace -o perluuid.txt gscan2pdf scan a page and check the trace file and I find a number of: newfstatat(AT_FDCWD, "/usr/local/lib64/perl5/5.36/Data/UUID.pmc", 0x7ffe1349ff60, 0) = -1 ENOENT (No such file or directory) newfstatat(AT_FDCWD, "/usr/local/lib64/perl5/5.36/Data/UUID.pm", 0x7ffe1349ff60, 0) = -1 ENOENT (No such file or directory) newfstatat(AT_FDCWD, "/usr/local/share/perl5/5.36/Data/UUID.pmc", 0x7ffe1349ff60, 0) = -1 ENOENT (No such file or directory) newfstatat(AT_FDCWD, "/usr/local/share/perl5/5.36/Data/UUID.pm", 0x7ffe1349ff60, 0) = -1 ENOENT (No such file or directory) newfstatat(AT_FDCWD, "/usr/lib64/perl5/vendor_perl/Data/UUID.pmc", 0x7ffe1349ff60, 0) = -1 ENOENT (No such file or directory) Should be enough as demo of wrking OK.
Whiteboard: (none) => MGA9-64-OKCC: (none) => herman.viaene
Validating.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2024-0117.html
Resolution: (none) => FIXEDStatus: ASSIGNED => RESOLVED