Bug#712798: opu: package libmodule-signature-perl/0.63-1+squeeze1
Control: tags -1 + pending
On Wed, 2013-06-19 at 22:38 +0200, Salvatore Bonaccorso wrote:
> On Wed, Jun 19, 2013 at 07:47:31PM +0100, Adam D. Barratt wrote:
> > On Wed, 2013-06-19 at 18:21 +0200, Salvatore Bonaccorso wrote:
> > > Here is the corresponding opu for libmodule-signature-perl fixing
> > > CVE-2013-2145 (#711239). If an attacker can replace the Cipher in the
> > > SIGNATURE file and also provide a ./Digest/SomeCipher, this would be
> > > run with the privileges of the user running 'cpansign -verify'
> >
> > Please go ahead; thanks.
>
> Uploaded.
and flagged for acceptance.
Regards,
Adam
Reply to: