Fedora has issued an advisory on October 9:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X5W36RUTOUQ2VUGWG2FCEBOWNRYS6RBI/
The fix is not provided by a patch but by a modification of the SPEC file:
https://src.fedoraproject.org/rpms/perl-App-cpanminus/c/4ae3a16b93ff4a3154b50e7b4095cc5d3568863a?branch=rawhide
Source RPM: (none) => cpanminus-1.704.700-1.mga10.src.rpm, cpanminus-1.704.500-2.mga9.src.rpm
Whiteboard: (none) => MGA9TOO
Status comment: (none) => Patch available from Fedora
CVE: (none) => CVE-2024-45321
The second link above shows the spec patch (among several other modules, presumed not relevant to us). Assigning globally in the absence of a particular packager for this.
Assignee: bugsquad => pkg-bugs
Suggested advisory:
========================

The updated package fixes a security vulnerability:

The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling code execution for network attackers. (CVE-2024-45321)

References:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X5W36RUTOUQ2VUGWG2FCEBOWNRYS6RBI/
========================

Updated package in core/updates_testing:
========================
cpanminus-1.704.500-2.1.mga9

from SRPM:
cpanminus-1.704.500-2.1.mga9.src.rpm
Source RPM: cpanminus-1.704.700-1.mga10.src.rpm, cpanminus-1.704.500-2.mga9.src.rpm => cpanminus-1.704.500-2.mga9.src.rpm
Whiteboard: MGA9TOO => (none)
Status comment: Patch available from Fedora => (none)
Assignee: pkg-bugs => qa-bugs
Version: Cauldron => 9
Status: NEW => ASSIGNED
Keywords: (none) => advisory
MGA9-64 Plasma Wayland on HP-Pavilion
No installation issues.
Ref bug 30019 Comment for testing

$ cpanm --help
Usage: cpanm [options] Module [...]

Options:
  -v,--verbose              Turns on chatty output
  -q,--quiet                Turns off the most output
  --interactive             Turns on interactive configure (required for Task:: modules)
and a lot more ....

[tester9@mach4 ~]$ cpanm URI
!
! Can't write to /usr/local/share/perl5/5.36 and /usr/local/bin: Installing modules to /home/tester9/perl5
! To turn off this warning, you have to do one of the following:
!   - run me as a root or with --sudo option (to install to /usr/local/share/perl5/5.36 and /usr/local/bin)
!   - Configure local::lib in your existing shell to set PERL_MM_OPT etc.
!   - Install local::lib by running the following commands
!
!         cpanm --local-lib=~/perl5 local::lib && eval $(perl -I ~/perl5/lib/perl5/ -Mlocal::lib)
!
--> Working on URI
Fetching https://www.cpan.org/authors/id/O/OA/OALDERS/URI-5.29.tar.gz ... OK
Configuring URI-5.29 ... OK
==> Found dependencies: Test::Fatal, Test::Needs, MIME::Base32, Test::Warnings
--> Working on Test::Fatal
Fetching https://www.cpan.org/authors/id/R/RJ/RJBS/Test-Fatal-0.017.tar.gz ... OK
Configuring Test-Fatal-0.017 ... OK
Building and testing Test-Fatal-0.017 ... OK
Successfully installed Test-Fatal-0.017
--> Working on Test::Needs
Fetching https://www.cpan.org/authors/id/H/HA/HAARG/Test-Needs-0.002010.tar.gz ... OK
Configuring Test-Needs-0.002010 ... OK
Building and testing Test-Needs-0.002010 ... OK
Successfully installed Test-Needs-0.002010
--> Working on MIME::Base32
Fetching https://www.cpan.org/authors/id/R/RE/REHSACK/MIME-Base32-1.303.tar.gz ... OK
Configuring MIME-Base32-1.303 ... OK
Building and testing MIME-Base32-1.303 ... OK
Successfully installed MIME-Base32-1.303
--> Working on Test::Warnings
Fetching https://www.cpan.org/authors/id/E/ET/ETHER/Test-Warnings-0.033.tar.gz ... OK
Configuring Test-Warnings-0.033 ... OK
Building and testing Test-Warnings-0.033 ... OK
Successfully installed Test-Warnings-0.033
Building and testing URI-5.29 ... OK
Successfully installed URI-5.29 (upgraded from 5.17)
5 distributions installed

Looks all OK.
CC: (none) => herman.viaene
Whiteboard: (none) => MGA9-64-OK
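
A check that can be run over cpanm output to confirm that every download used HTTPS, which is what the test log above shows by eye. This is an added example, not part of the bug report or of cpanminus; the function name check_cpanm_fetches and both sample logs are constructed for illustration.

```shell
# Added example: flag cpanm fetches made over anything other than HTTPS.
# Reads cpanm output on stdin, prints each non-HTTPS fetch URL, and
# returns 1 if any were found, 0 if every fetch used https://.
# Intended use on a real run:  cpanm URI 2>&1 | check_cpanm_fetches
check_cpanm_fetches() {
    awk '
        # cpanm reports each download as: Fetching <url> ... OK
        $1 == "Fetching" && $2 ~ /^[a-z][a-z0-9+.-]*:\/\// {
            total++
            if ($2 !~ /^https:\/\//) {
                insecure++
                print "INSECURE: " $2
            }
        }
        END {
            printf "%d fetches, %d not over HTTPS\n", total, insecure
            exit (insecure > 0 ? 1 : 0)
        }
    '
}

# Constructed sample output, modelled on the test log in this report.
sample_fixed='--> Working on URI
Fetching https://www.cpan.org/authors/id/O/OA/OALDERS/URI-5.29.tar.gz ... OK
Configuring URI-5.29 ... OK'

# Constructed counter-example: the same fetch over plain HTTP.
sample_unfixed='--> Working on URI
Fetching http://www.cpan.org/authors/id/O/OA/OALDERS/URI-5.29.tar.gz ... OK
Configuring URI-5.29 ... OK'
```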
Validating.
CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2024-0339.html
Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED