git: 64861d1b7e3d - main - security/vuxml: Fix entry
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 27 Aug 2025 17:03:48 UTC
The branch main has been updated by fernape:
URL: https://cgit.FreeBSD.org/ports/commit/?id=64861d1b7e3dd9f8f77c0cf32eb1ed4f8c701239
commit 64861d1b7e3dd9f8f77c0cf32eb1ed4f8c701239
Author: Fernando Apesteguía <fernape@FreeBSD.org>
AuthorDate: 2025-08-27 17:02:53 +0000
Commit: Fernando Apesteguía <fernape@FreeBSD.org>
CommitDate: 2025-08-27 17:02:53 +0000
security/vuxml: Fix entry
Fixes: 35f7214f7a9ec
---
security/vuxml/vuln/2025.xml | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/security/vuxml/vuln/2025.xml b/security/vuxml/vuln/2025.xml
index e8651b2ce86e..4c84615ca2f7 100644
--- a/security/vuxml/vuln/2025.xml
+++ b/security/vuxml/vuln/2025.xml
@@ -48,10 +48,14 @@
<body xmlns="http://www.w3.org/1999/xhtml">
<p>perl-catalyst project reports:</p>
<blockquote cite="https://nvd.nist.gov/vuln/detail/CVE-2025-40920">
- <p>Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using
- the Perl Data::UUID library. * Data::UUID does not use a strong cryptographic source for generating
- UUIDs.* Data::UUID returns v3 UUIDs, which are generated from known information and are unsuitable for
- security, as per RFC 9562. * The nonces should be generated from a strong cryptographic source, as per RFC 7616.</p>
+ <p>Catalyst::Authentication::Credential::HTTP versions 1.018
+ and earlier for Perl generate nonces using
+ the Perl Data::UUID library. * Data::UUID does not use a
+ strong cryptographic source for generating
+ UUIDs.* Data::UUID returns v3 UUIDs, which are generated
+ from known information and are unsuitable for
+ security, as per RFC 9562. * The nonces should be generated
+ from a strong cryptographic source, as per RFC 7616.</p>
</blockquote>
</body>
</description>