Bug#712798: opu: package libmodule-signature-perl/0.63-1+squeeze1

To: Salvatore Bonaccorso <carnil@debian.org>, 712798@bugs.debian.org
Subject: Bug#712798: opu: package libmodule-signature-perl/0.63-1+squeeze1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Thu, 20 Jun 2013 22:59:22 +0100
Message-id: <1371765562.5039.13.camel@jacala.jungle.funky-badger.org>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 712798@bugs.debian.org
In-reply-to: <20130619203823.GA7855@eldamar.local>
References: <20130619162120.28416.58557.reportbug@elende.valinor.li> <1371667651.25307.2.camel@jacala.jungle.funky-badger.org> <20130619203823.GA7855@eldamar.local>

Control: tags -1 + pending

On Wed, 2013-06-19 at 22:38 +0200, Salvatore Bonaccorso wrote:
> On Wed, Jun 19, 2013 at 07:47:31PM +0100, Adam D. Barratt wrote:
> > On Wed, 2013-06-19 at 18:21 +0200, Salvatore Bonaccorso wrote:
> > > Here is the corresponding opu for libmodule-signature-perl fixing
> > > CVE-2013-2145 (#711239). If an attacker can replace the Cipher in the
> > > SIGNATURE file and also provide a ./Digest/SomeCipher, this would be
> > > run with the privileges of the user running 'cpansign -verify'
> > 
> > Please go ahead; thanks.
> 
> Uploaded.

and flagged for acceptance.

Regards,

Adam

Reply to:

References:
- Bug#712798: opu: package libmodule-signature-perl/0.63-1+squeeze1
  - From: Salvatore Bonaccorso <carnil@debian.org>
- Bug#712798: opu: package libmodule-signature-perl/0.63-1+squeeze1
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Bug#712798: opu: package libmodule-signature-perl/0.63-1+squeeze1
  - From: Salvatore Bonaccorso <carnil@debian.org>

Prev by Date: Processed: Re: Bug#706142: pu: telepathy-idle/0.1.11-2+deb7u1
Next by Date: Bug#670902: marked as done (transition: hsqldb 2.2)
Previous by thread: Bug#712798: opu: package libmodule-signature-perl/0.63-1+squeeze1
Next by thread: Processed: Re: Bug#712798: opu: package libmodule-signature-perl/0.63-1+squeeze1
Index(es):
- Date
- Thread