22 lines
1.0 KiB
Diff
22 lines
1.0 KiB
Diff
diff -up HTTP-Tiny-0.074/lib/HTTP/Tiny.pm.orig HTTP-Tiny-0.074/lib/HTTP/Tiny.pm
|
|
--- HTTP-Tiny-0.074/lib/HTTP/Tiny.pm.orig 2024-01-16 12:26:34.204388229 +0100
|
|
+++ HTTP-Tiny-0.074/lib/HTTP/Tiny.pm 2024-01-16 12:29:19.282808545 +0100
|
|
@@ -1778,12 +1778,16 @@ C<timeout> — Request timeout in second
|
|
|
|
=item *
|
|
|
|
-C<verify_SSL> — A boolean that indicates whether to validate the SSL certificate of an C<https> — connection (default is false)
|
|
+C<verify_SSL> — A boolean that indicates whether to validate the SSL certificate of an C<https> — connection (default is true). Changed from false to true for CVE-2023-31486.
|
|
|
|
=item *
|
|
|
|
C<SSL_options> — A hashref of C<SSL_*> — options to pass through to L<IO::Socket::SSL>
|
|
|
|
+=item *
|
|
+
|
|
+C<$ENV{PERL_HTTP_TINY_SSL_INSECURE_BY_DEFAULT}> — Changes the default certificate verification behavior to not check server identity if set to 1. Only effective if C<verify_SSL> is not set. Added for CVE-2023-31486.
|
|
+
|
|
=back
|
|
|
|
Passing an explicit C<undef> for C<proxy>, C<http_proxy> or C<https_proxy> will
|