HSEC-2023-0015 cabal-install uses expired key policies

cabal-install uses expired key policies A problem was recently discovered in cabal-install's implementation of the Hackage Security protocol that would allow an attacker who was in possession of a revoked private key and who could perform a man-in-the-middle attack against Hackage to use the...

HSEC-2025-0005 cabal-install dependency confusion

cabal-install dependency confusion For cabal-install 3.4.0.0 and where multiple repositories are configured, the resolver picks the highest available version across all repositories. Where a package is only defined in a private repository, this behaviour leads to a dependency confusionblog supply...

PT-2025-30608 · Hackage · Cabal-Install

cabal-install dependency confusion For cabal-install 3.4.0.0 and where multiple repositories are configured, the resolver picks the highest available version across all repositories. Where a package is only defined in a private repository, this behaviour leads to a dependency confusionblog supply...

[SECURITY] Fedora 34 Update: cabal-rpm-2.0.11-1.fc34

This package provides a RPM packaging tool for Haskell Cabal-based packages. cabal-rpm has commands to generate a RPM spec file and srpm for a package. It can rpmbuild packages, yum/dnf install their dependencies, prep packages, and install them. There are commands to list package dependencies an...

Fedora: Security Advisory for cabal-rpm (FEDORA-2022-78559f99a9)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 35 Update: cabal-rpm-2.0.11-1.fc35

This package provides a RPM packaging tool for Haskell Cabal-based packages. cabal-rpm has commands to generate a RPM spec file and srpm for a package. It can rpmbuild packages, yum/dnf install their dependencies, prep packages, and install them. There are commands to list package dependencies an...

Fedora Update for cabal-install FEDORA-2015-8206

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 22 : cabal-install-1.18.1.0-1.fc22 / haskell-platform-2014.2.0.0.2-4.fc22 (2015-8206)

Force cabal upload to always use digest auth and never basic auth Note this only affects uploading of new source tarballs to Hackage by Haskell upstream package maintainers. It is safer to upload packages via the Hackage web interface. Note that Tenable Network Security has extracted the precedin...

Analyze Cryptographic Specifications: Cryptol

The Cryptol specification language was designed by Galois for the NSA’s Trusted Systems Research Group as a public standard for specifying cryptographic algorithms. A reference specification can serve as the formal documentation for a cryptographic module. Unlike current specification mechanisms,...