Issued at: 2026-07-01
Updated at: 2026-07-01
Synopsis
Important: perl-IO-Compress security update
Description
This distribution provides a Perl interface to allow reading and writing of compressed data created with the zlib and bzip2 libraries. IO-Compress supports reading and writing of bzip2, RFC 1950, RFC 1951, RFC 1952 (i.e. gzip) and zip files/buffers. The following modules used to be distributed separately, but are now included with the IO-Compress distribution:
* Compress-Zlib
* IO-Compress-Zlib
* IO-Compress-Bzip2
* IO-Compress-Base
Security Fix(es):
* perl-IO-Compress: perl-IO-Compress: Arbitrary code execution via attacker-controlled output glob (CVE-2026-48962)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.