From: Andrew Hewus Fresh <andrew@afresh1.com>
Subject: [UPDATE] net/p5-Net-CIDR-Lite to 0.23
To: ports@openbsd.org
Date: Sat, 11 Apr 2026 09:53:02 -0700

Two CVE fixes:

- Security: (CVE-2026-40198) Reject invalid uncompressed IPv6.
  https://lists.security.metacpan.org/cve-announce/msg/38785616/

Net::CIDR::Lite versions before 0.23 for Perl mishandles IPv4 mapped
IPv6 addresses, which may allow IP ACL bypass

- Security: (CVE-2026-40199) Fix IPv4 mapped IPv6 packed length. 
  https://lists.security.metacpan.org/cve-announce/msg/38785618/

Net::CIDR::Lite versions before 0.23 for Perl does not validate IPv6
group count, which may allow IP ACL bypass

OK?  Commit to OPENBSD_7_8? OPENBSD_7_7?

Index: Makefile
===================================================================
RCS file: /cvs/ports/net/p5-Net-CIDR-Lite/Makefile,v
diff -u -p -r1.15 Makefile
--- Makefile	11 Mar 2022 19:46:39 -0000	1.15
+++ Makefile	11 Apr 2026 16:48:37 -0000
@@ -2,7 +2,8 @@ COMMENT=	Perl extension for merging IPv4
 
 MODULES=	cpan
 PKG_ARCH=	*
-DISTNAME=	Net-CIDR-Lite-0.22
+DISTNAME=	Net-CIDR-Lite-0.23
+CPAN_AUTHOR=	STIGTSP
 CATEGORIES=	net
 
 # GPL/Artistic
Index: distinfo
===================================================================
RCS file: /cvs/ports/net/p5-Net-CIDR-Lite/distinfo,v
diff -u -p -r1.8 distinfo
--- distinfo	5 Apr 2021 13:21:48 -0000	1.8
+++ distinfo	11 Apr 2026 16:48:37 -0000
@@ -1,2 +1,2 @@
-SHA256 (Net-CIDR-Lite-0.22.tar.gz) = QxfYyzQaYXueCIjaQ8Cc3//8sMnt97jJko10KlY7hRc=
-SIZE (Net-CIDR-Lite-0.22.tar.gz) = 10823
+SHA256 (Net-CIDR-Lite-0.23.tar.gz) = mlgnjkmgjN65vsAc7N06lb5zbQ59TQXRP5COOj/hDTI=
+SIZE (Net-CIDR-Lite-0.23.tar.gz) = 11089