Bug#712798: opu: package libmodule-signature-perl/0.63-1+squeeze1

To: Salvatore Bonaccorso <carnil@debian.org>, 712798@bugs.debian.org
Subject: Bug#712798: opu: package libmodule-signature-perl/0.63-1+squeeze1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Wed, 19 Jun 2013 19:47:31 +0100
Message-id: <1371667651.25307.2.camel@jacala.jungle.funky-badger.org>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 712798@bugs.debian.org
In-reply-to: <20130619162120.28416.58557.reportbug@elende.valinor.li>
References: <20130619162120.28416.58557.reportbug@elende.valinor.li>

user release.debian.org@packages.debian.org
usertags 712798 = pu
tags 712798 + confirmed squeeze
retitle 712798 pu: package libmodule-signature-perl/0.63-1+squeeze1
thanks

On Wed, 2013-06-19 at 18:21 +0200, Salvatore Bonaccorso wrote:
> Here is the corresponding opu for libmodule-signature-perl fixing
> CVE-2013-2145 (#711239). If an attacker can replace the Cipher in the
> SIGNATURE file and also provide a ./Digest/SomeCipher, this would be
> run with the privileges of the user running 'cpansign -verify'

Please go ahead; thanks.

Regards,

Adam

Reply to:

Follow-Ups:
- Processed: Re: Bug#712798: opu: package libmodule-signature-perl/0.63-1+squeeze1
  - From: owner@bugs.debian.org (Debian Bug Tracking System)
- Bug#712798: opu: package libmodule-signature-perl/0.63-1+squeeze1
  - From: Salvatore Bonaccorso <carnil@debian.org>

References:
- Bug#712798: opu: package libmodule-signature-perl/0.63-1+squeeze1
  - From: Salvatore Bonaccorso <carnil@debian.org>

Prev by Date: Bug#712597: pu: package libmodule-signature-perl/0.68-1+deb7u1
Next by Date: Processed: Re: Bug#712798: opu: package libmodule-signature-perl/0.63-1+squeeze1
Previous by thread: Bug#712798: opu: package libmodule-signature-perl/0.63-1+squeeze1
Next by thread: Processed: Re: Bug#712798: opu: package libmodule-signature-perl/0.63-1+squeeze1
Index(es):
- Date
- Thread