Bug#712798: opu: package libmodule-signature-perl/0.63-1+squeeze1
user release.debian.org@packages.debian.org
usertags 712798 = pu
tags 712798 + confirmed squeeze
retitle 712798 pu: package libmodule-signature-perl/0.63-1+squeeze1
thanks
On Wed, 2013-06-19 at 18:21 +0200, Salvatore Bonaccorso wrote:
> Here is the corresponding opu for libmodule-signature-perl fixing
> CVE-2013-2145 (#711239). If an attacker can replace the Cipher in the
> SIGNATURE file and also provide a ./Digest/SomeCipher, this would be
> run with the privileges of the user running 'cpansign -verify'
Please go ahead; thanks.
Regards,
Adam
Reply to: