Skip to content

[AUTOPATCHER-CORE] Upgrade perl-libwww-perl to 6.83 for CVE-2026-8368#17335

Merged
kgodara912 merged 7 commits into
3.0-devfrom
cblmargh/perl-libwww-perl-upgrade-to-6.83-3.0-dev
Jun 2, 2026
Merged

[AUTOPATCHER-CORE] Upgrade perl-libwww-perl to 6.83 for CVE-2026-8368#17335
kgodara912 merged 7 commits into
3.0-devfrom
cblmargh/perl-libwww-perl-upgrade-to-6.83-3.0-dev

Conversation

@CBL-Mariner-Bot

@CBL-Mariner-Bot CBL-Mariner-Bot commented May 18, 2026

Copy link
Copy Markdown
Collaborator

@Kanishk-Bansal Kanishk-Bansal added security CVE-fixed-by-upgrade CVE fixed by package upgrade labels May 18, 2026
@Kanishk-Bansal Kanishk-Bansal marked this pull request as ready for review May 18, 2026 14:25
@Kanishk-Bansal Kanishk-Bansal requested a review from a team as a code owner May 18, 2026 14:25
@Kanishk-Bansal Kanishk-Bansal added the ptest package testing (%check section in spec) label May 18, 2026
Kanishk-Bansal and others added 2 commits May 18, 2026 19:59
@Kanishk-Bansal
Update perl-libwww-perl.spec
7b6cb98
@kgodara912
Remove cookie_jar.t test for Azure compatibility
e3bdb23 
Remove test that requires HTTP::CookieJar::LWP not available in Azure Linux.
@kgodara912

kgodara912 commented May 19, 2026

Copy link
Copy Markdown

Buddy build

@kgodara912
Skip incompatible tests in perl-libwww-perl.spec
75761eb 
Remove failing tests for compatibility with Azure Linux.
@kgodara912

kgodara912 commented May 26, 2026

Copy link
Copy Markdown

Buddy build

@kgodara912
Clean up incompatible test files for Azure Linux
070e472 
Remove specific test files that are not compatible with Azure Linux.
@kgodara912

kgodara912 commented May 26, 2026

Copy link
Copy Markdown

Buddy build

@Kanishk-Bansal Kanishk-Bansal added the ready-for-stable-review PR has passed initial review and is now ready for a second-level stable maintainer review label May 26, 2026
@kgodara912

kgodara912 commented Jun 1, 2026

Copy link
Copy Markdown

Buddy build

@BinduSri-6522866

BinduSri-6522866 commented Jun 1, 2026

Copy link
Copy Markdown

Buddy build passed.

kgodara912
kgodara912 approved these changes Jun 2, 2026
View reviewed changes

@kgodara912 kgodara912 left a comment
edited
Loading

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Version upgrade of module. There aren't breaking changes except addressing the CVE itself which restricts few cross origin things. Though the behavior has opt-out way; but to fix the cve, we need to take them. The redirect of https to http is also restricted. Buddy build is successful. The extra PR check failure is due to another python-twisted module cve caused one test failure as python3.12 support for that version of twisted is limited. LGTM.

@kgodara912 kgodara912 merged commit 9af3bc9 into 3.0-dev Jun 2, 2026
28 of 31 checks passed
@kgodara912 kgodara912 deleted the cblmargh/perl-libwww-perl-upgrade-to-6.83-3.0-dev branch June 2, 2026 06:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Kanishk-Bansal Kanishk-Bansal Kanishk-Bansal approved these changes

@kgodara912 kgodara912 kgodara912 approved these changes

Assignees

No one assigned

Labels

3.0-dev PRs Destined for AzureLinux 3.0 Automatic PR AutoUpgrade Core CVE-fixed-by-upgrade CVE fixed by package upgrade Packaging ptest package testing (%check section in spec) ready-for-stable-review PR has passed initial review and is now ready for a second-level stable maintainer review security

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@CBL-Mariner-Bot @kgodara912 @BinduSri-6522866 @Kanishk-Bansal