-
Bug
-
Resolution: Done-Errata
-
Undefined
-
rhel-8.10
-
None
-
perl-HTTP-Tiny-0.074-3.el8
-
None
-
None
-
rhel-sst-cs-stacks
-
ssg_core_services
-
20
-
23
-
None
-
False
-
-
None
-
Red Hat Enterprise Linux
-
None
-
-
All
-
None
To mitigate CVE-2023-31486, the perl-HTTP-Tiny has been updated to perform SSL cert verification by default, ie verify_SSL=>true.
However, the man page shipped with the package wasn't updated to reflect the change:
$ man /usr/share/man/man3/HTTP::Tiny.3pm.gz
...
- "verify_SSL" — A boolean that indicates whether to validate the SSL certificate of an "https" — connection
(default is false)
...
- clones
-
RHEL-21762 perl-HTTP-Tiny: man page not updated to reflect fix for CVE-2023-31486 [rhel-8.8.0.z]
- Closed
- links to
-
RHBA-2024:126382 perl-HTTP-Tiny update
- mentioned on