PaulHowarth/Blog

Paul Howarth's Blog

Recent Entries

Tuesday 16th June 2026

Fedora Project

Updated perl-Test-MockModule to 0.185.3 in Rawhide:
- Don't require Moose when mocking Moo (GH#93, GH#94)
Updated perl-Test-Simple to 1.302222 in Rawhide:
- Add missing Changes entry
- Fix test that fails on some Windows versions due to path separators

Local Packages

Updated perl-Pod-Coverage-TrustMe to 0.002002:
- Fix passing options to all_pod_coverage_ok
Updated perl-Test-MockModule to 0.185.3 as per the Fedora version
Updated perl-Test-Simple to 1.302222 as per the Fedora version

Monday 15th June 2026

Fedora Project

Updated perl-Crypt-DSA to 1.21 in F-43, F-44, Rawhide, EPEL-10.2 and EPEL-10:
- Fixed key material reuse for multiple signing events (CVE-2026-12205, CWE-323)
  - sign() reused the DSA nonce k across signatures (r and k^-1 were cached on the key and not regenerated), allowing private-key recovery from two signatures over different messages
  - Now generates a fresh nonce per signature
  - Keys used to sign more than once with an affected version should be considered compromised
Updated perl-Crypt-DSA (1.17) in EPEL-8 and EPEL-9 to fix key material reuse for multiple signing events
Updated perl-Test-Simple to 1.302221 in Rawhide:
- Prevent the new EBCDIC support from breaking 5.6
Updated python-paramiko to 3.5.1 in EPEL-10:
- Private key material is now explicitly 'unpadded' during decryption, removing a reliance on some lax OpenSSL behaviour and making us compatible with future Cryptography releases (GH#2490)
This update was done because the "future Cryptography releases" landed in EL-10

Local Packages

Updated perl-Test-Simple to 1.302221 as per the Fedora version

Sunday 14th June 2026

Local Packages

Updated perl-PPIx-Regexp to 0.092:
- Remove references to the RT bug tracking system
- Replace wyant@cpan.org with harryfmudd@comcast.net
- Correct documentation errors
- No functional changes

Saturday 13th June 2026

Fedora Project

Updated perl-Business-ISBN-Data to 20260613.001 in Rawhide:
- Data update for 2026-06-13
Updated perl-PPIx-QuoteLike to 0.024 in Rawhide:
- Remove references to the RT bug tracking system
- Replace wyant@cpan.org with harryfmudd@comcast.net
- Repackage licenses so that GitHub can find them (maybe)
- Add SECURITY policy
- No functional changes

Local Packages

Updated perl-PPIx-QuoteLike to 0.024 as per the Fedora version

Friday 12th June 2026

Fedora Project

Updated perl-Business-ISBN-Data to 20260611.001 in Rawhide:
- Data update for 2026-06-11
Updated perl-Crypt-PBKDF2 to 0.261630 in F-43, F-44, Rawhide, EPEL-9, EPEL-10.2 and EPEL-10:
- Change the default hash algorithm to HMAC-SHA256, and increase the default number of iterations to 600,000, in line with current OWASP recommendations (CVE-2026-9641)
- Generate salts using Crypt::URandom (a strong system RNG) instead of perl's builtin rand(), which is not cryptographically secure (CVE-2026-9638)
- Use a constant-time comparison in 'validate' to avoid timing attacks (CVE-2017-20240)

Local Packages

Updated perl-BDB (1.92) to rename atfork_child to bdb_atfork_child to avoid collision with perl 5.43.2+
Updated perl-Crypt-PBKDF2 to 0.261630 as per the Fedora version
Updated sendmail (8.18.2) to enable support for SMTPUTF8 (RFC 6531) and to use self-signed certificate instead of the CA bundle (Bug #2476449)

Other Entries

Year 2026
January	February	March
April	May	June
July	August	September
October	November	December

Year 2025
January	February	March
April	May	June
July	August	September
October	November	December

Year 2024
January	February	March
April	May	June
July	August	September
October	November	December

Year 2023
January	February	March
April	May	June
July	August	September
October	November	December

Year 2022
January	February	March
April	May	June
July	August	September
October	November	December

Year 2021
January	February	March
April	May	June
July	August	September
October	November	December

Year 2020
January	February	March
April	May	June
July	August	September
October	November	December

Year 2019
January	February	March
April	May	June
July	August	September
October	November	December

Year 2018
January	February	March
April	May	June
July	August	September
October	November	December

Year 2017
January	February	March
April	May	June
July	August	September
October	November	December

Year 2016
January	February	March
April	May	June
July	August	September
October	November	December

Year 2015
January	February	March
April	May	June
July	August	September
October	November	December

Year 2014
January	February	March
April	May	June
July	August	September
October	November	December

Year 2013
January	February	March
April	May	June
July	August	September
October	November	December

Year 2012
January	February	March
April	May	June
July	August	September
October	November	December

Year 2011
January	February	March
April	May	June
July	August	September
October	November	December

Year 2010
January	February	March
April	May	June
July	August	September
October	November	December

Year 2009
January	February	March
April	May	June
July	August	September
October	November	December

Year 2008
January	February	March
April	May	June
July	August	September
October	November	December

Year 2007
January	February	March
April	May	June
July	August	September
October	November	December

Year 2006
January	February	March
April	May	June
July	August	September
October	November	December

Local Packages refers to my local package repository at http://www.city-fan.org/ftp/contrib/

Login

Hints, Tips and HOWTOs

Search:

Recent

Toolbox

Rename Page
Delete Page

My Pages
Subscribe User