[ubuntu/bionic-updates] perl 5.26.1-6ubuntu0.6 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Wed Oct 19 12:28:21 UTC 2022
perl (5.26.1-6ubuntu0.6) bionic-security; urgency=medium
* SECURITY UPDATE: Signature verification bypass
- debian/patches/CVE-2020-16156-1.patch: signature
verification type CANNOT_VERIFY was not recognized
in cpan/CPAN/lib/CPAN/Distribution.pm.
- debia/patches/CVE-2020-16156-2.patch: add two new failure modes
in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-3.patch: use gpg
to disentangle data and signature in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-4.patch: replacing die with mydie in
three spots in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-5.patch: disambiguate the call
to gpg --output by adding --verify in
cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-6.patch: corrects typo
in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-7.patch: corrects typo
in cpan/CPAN/lib/CPAN/Distribution.pm.
- CVE-2020-16156
Date: 2022-10-05 17:12:09.124786+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/perl/5.26.1-6ubuntu0.6
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list