Bug 640716

Summary: Let perl-CPAN Require: perl(Digest::SHA)
Product: Red Hat Enterprise Linux 6 Reporter: Marcela Mašláňová <mmaslano>
Component: perlAssignee: perl-maint-list
Status: CLOSED ERRATA QA Contact: Petr Šplíchal <psplicha>
Severity: medium Docs Contact:
Priority: low    
Version: 6.1CC: ohudlick, ovasik, psplicha
Target Milestone: rcKeywords: EasyFix
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: perl-5.10.1-116.el6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 612563 Environment:
Last Closed: 2011-05-19 11:37:59 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 612563    
Bug Blocks:    

Description Marcela Mašláňová 2010-10-06 16:59:50 UTC 
+++ This bug was initially created as a clone of Bug #612563 +++

Description of problem:

/usr/bin/cpan strongly suggests to install "Digest::SHA".

Fedora's perl-CPAN, however doesn't depend on "perl(Digest::SHA)", 
i.e. users will be tempted to manually install Digest::SHA

Note: We are talking about Fedora+cpan users. It's this group of users, which at least I consider to be specially susceptible to using cpan instead of using rpm-packaged perl-modules.

Version-Release number of selected component (if applicable):
perl-5.10.1-112.fc13.x86_64

How reproducible:
Always

Steps to Reproduce:
1. yum install perl-CPAN
2. /usr/bin/cpan
3. get Test
  
Actual results:

cpan issues a "strong suggestion":
...
  CPAN: checksum security checks disabled because Digest::SHA not installed.
  Please consider installing the Digest::SHA module.

Expected results:
cpan not to issue such warning and to behave "safe by default".
Comment 4 errata-xmlrpc 2011-05-19 11:37:59 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-0558.html
Comment 5 errata-xmlrpc 2011-05-19 13:08:11 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-0558.html