obsolete

perl-Mojolicious-9.39-1.fc40

FEDORA-2025-0e7fe5534f created by eseyman 6 months ago for Fedora 40

Mojolicious versions from 0.999922 through 9.39 for Perl uses a hard coded string, or the application's class name, as a HMAC session secret by default.

Mojolicious 9.39 added EXPERIMENTAL support for encrypted session cookies. This feature is much more secure than signed cookies and can be enabled by installing CryptX and setting the encrypted attribute.

This update has been submitted for testing by eseyman.

6 months ago

This update's test gating status has been changed to 'ignored'.

6 months ago

This update has been pushed to testing.

6 months ago

This update is marked obsolete because the F40 release is archived.

6 months ago

Please log in to add feedback.

Metadata
Type
security
Severity
low
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Thresholds
Minimum Karma
+1
Minimum Testing
7 days
Dates
submitted
6 months ago
in testing
6 months ago
Builds
1
perl-Mojolicious-9.39-1.fc40
BZ#2364057 CVE-2024-58134 perl-Mojolicious: Mojolicious versions from 0.999922 through 9.39 for Perl uses a hard coded string, or the application's class name, as a HMAC session secret by default [fedora-40]
0
0
BZ#2364058 CVE-2024-58134 perl-Mojolicious: Mojolicious versions from 0.999922 through 9.39 for Perl uses a hard coded string, or the application's class name, as a HMAC session secret by default [fedora-41]
0
0
perl-Mojolicious-9.39-1.fc40

Automated Test Results

Copyright © 2007-2025 Red Hat, Inc. and others.

Running bodhi-server 25.5.1 on bodhi-web-10-5kvt6.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy