Advisories » MGASA-2025-0285

Updated perl-Authen-SASL packages fix security vulnerability

Publication date: 13 Nov 2025
Modification date: 13 Nov 2025
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-40918

Description

Authen::SASL::Perl::DIGEST_MD5 versions 2.04 through 2.1800 for Perl
generates the cnonce insecurely. (CVE-2025-40918)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=34489
• https://www.openwall.com/lists/oss-security/2025/07/16/5
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-40918

SRPMS

9/core

• perl-Authen-SASL-2.160.0-13.1.mga9