CPAN Security Group
Welcome to the CPAN Security Group. This is a community effort for supporting and responding to security incidents on CPAN – the Comprehensive Perl Archive Network.
This group also cares about security-related topics around CPAN distributions, the CPAN/PAUSE infrastructure, and about tooling and the ecosystem in general. Over time, we aim to improve supply chain security, make CPAN a more secure and trustworthy publishing platform, and more.
Learn more & Contribute
On CPAN, improving security is a volunteer-driven collaborative effort. If you care and would like to make a contribution, you can…
- Explore our main website
- Check us out on Github
- Join us in our IRC channel, #cpan-security on irc.perl.org
- Send a mail to <firstname.lastname@example.org>
- Subscribe to @email@example.com on the Fediverse
- Presentations about us and our work
Between Dec 2023 and Jan 2024, vulnerabilities in Spreadsheet::ParseExcel and Spreadsheet::ParseXLSX were reported to the CPAN Security Group (CPANSec). This document describes the timeline and analysis of events.
There's a new group in the Perl + CPAN communities!
subscribe via RSS