Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c7917e49 by Salvatore Bonaccorso at 2023-04-19T20:45:33+02:00
Update information for CVE-2020-16155
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -215870,13 +215870,13 @@ CVE-2020-16156 (CPAN 2.28 allows Signature
Verification Bypass. ...)
NOTE:
https://github.com/andk/cpanpm/commit/7d4d5e32bcd9b75f7bf70a395938a48ca4a06d25
(2.33-TRIAL)
NOTE:
https://github.com/andk/cpanpm/commit/89b13baf1d46e4fb10023af30ef305efec4fd603
(2.33-TRIAL)
CVE-2020-16155 (The CPAN::Checksums package 2.12 for Perl does not uniquely
define sig ...)
- - libcpan-checksums-perl <unfixed> (bug #1033109)
- [bookworm] - libcpan-checksums-perl <no-dsa> (Minor issue)
+ - libcpan-checksums-perl 2.13-1 (bug #1033109)
[bullseye] - libcpan-checksums-perl <no-dsa> (Minor issue)
[buster] - libcpan-checksums-perl <no-dsa> (Minor issue)
[stretch] - libcpan-checksums-perl <no-dsa> (Minor issue)
NOTE:
https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
NOTE:
http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
+ NOTE:
https://github.com/andk/cpan-checksums/commit/9d2f5f26470ff7ce53ef697d09790fc4db451ab1
(2.13)
CVE-2020-16154 (The App::cpanminus package 1.7044 for Perl allows Signature
Verificati ...)
- cpanminus 1.7045-1
[bullseye] - cpanminus <no-dsa> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c7917e498ae709d86fce576ec79e78edef5ca035
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c7917e498ae709d86fce576ec79e78edef5ca035
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
