From: Stuart Henderson <stu@spacehopper.org>
Subject: Re: [UPDATE] net/p5-Net-CIDR-Lite to 0.23
To: Andrew Hewus Fresh <andrew@afresh1.com>, <ports@openbsd.org>
Date: Sun, 12 Apr 2026 23:22:18 +0100

ok.

pretty low impact I think but 7.8-stable makes sense to me. we don't do 
-stable ports commits for older releases.

-- 
  Sent from a phone, apologies for poor formatting.

On 11 April 2026 17:53:25 Andrew Hewus Fresh <andrew@afresh1.com> wrote:

> Two CVE fixes:
>
> - Security: (CVE-2026-40198) Reject invalid uncompressed IPv6.
>  https://lists.security.metacpan.org/cve-announce/msg/38785616/
>
> Net::CIDR::Lite versions before 0.23 for Perl mishandles IPv4 mapped
> IPv6 addresses, which may allow IP ACL bypass
>
> - Security: (CVE-2026-40199) Fix IPv4 mapped IPv6 packed length.
>  https://lists.security.metacpan.org/cve-announce/msg/38785618/
>
> Net::CIDR::Lite versions before 0.23 for Perl does not validate IPv6
> group count, which may allow IP ACL bypass
>
> OK?  Commit to OPENBSD_7_8? OPENBSD_7_7?
>
> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/net/p5-Net-CIDR-Lite/Makefile,v
> diff -u -p -r1.15 Makefile
> --- Makefile	11 Mar 2022 19:46:39 -0000	1.15
> +++ Makefile	11 Apr 2026 16:48:37 -0000
> @@ -2,7 +2,8 @@ COMMENT=	Perl extension for merging IPv4
>
> MODULES=	cpan
> PKG_ARCH=	*
> -DISTNAME=	Net-CIDR-Lite-0.22
> +DISTNAME=	Net-CIDR-Lite-0.23
> +CPAN_AUTHOR=	STIGTSP
> CATEGORIES=	net
>
> # GPL/Artistic
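Review bot: The added CPAN_AUTHOR=STIGTSP line is not explained anywhere in the mail. The 0.22 Makefile set no CPAN_AUTHOR, so the distfile source changes with this release, and for a security update that deserves a sentence in the commit message. Please say there that the distribution is now fetched under STIGTSP, and confirm that this matches the release referenced by the two CVE announcements linked above.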
> Index: distinfo
> ===================================================================
> RCS file: /cvs/ports/net/p5-Net-CIDR-Lite/distinfo,v
> diff -u -p -r1.8 distinfo
> --- distinfo	5 Apr 2021 13:21:48 -0000	1.8
> +++ distinfo	11 Apr 2026 16:48:37 -0000
> @@ -1,2 +1,2 @@
> -SHA256 (Net-CIDR-Lite-0.22.tar.gz) = 
> QxfYyzQaYXueCIjaQ8Cc3//8sMnt97jJko10KlY7hRc=
> -SIZE (Net-CIDR-Lite-0.22.tar.gz) = 10823
> +SHA256 (Net-CIDR-Lite-0.23.tar.gz) = 
> mlgnjkmgjN65vsAc7N06lb5zbQ59TQXRP5COOj/hDTI=
> +SIZE (Net-CIDR-Lite-0.23.tar.gz) = 11089
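Review bot: Both SHA256 lines in this hunk were wrapped by the mailer, with the base64 digest pushed onto its own quoted line, so the diff will not apply as sent. Please resend it as an attachment or unwrapped inline. Otherwise the committer can regenerate distinfo with make makesum and compare the result against the digest and the SIZE of 11089 shown here.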