[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#712798: opu: package libmodule-signature-perl/0.63-1+squeeze1

Hi Adam,

On Wed, Jun 19, 2013 at 07:47:31PM +0100, Adam D. Barratt wrote:
> user release.debian.org@packages.debian.org
> usertags 712798 = pu
> tags 712798 + confirmed squeeze
> retitle 712798 pu: package libmodule-signature-perl/0.63-1+squeeze1
> thanks
> 
> On Wed, 2013-06-19 at 18:21 +0200, Salvatore Bonaccorso wrote:
> > Here is the corresponding opu for libmodule-signature-perl fixing
> > CVE-2013-2145 (#711239). If an attacker can replace the Cipher in the
> > SIGNATURE file and also provide a ./Digest/SomeCipher, this would be
> > run with the privileges of the user running 'cpansign -verify'
> 
> Please go ahead; thanks.

Uploaded.

Regards,
Salvatore
Reply to: