[ubuntu/focal-security] perl 5.30.0-9ubuntu0.3 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Wed Oct 19 11:38:09 UTC 2022
perl (5.30.0-9ubuntu0.3) focal-security; urgency=medium
* SECURITY UPDATE: Signature verification bypass
- debian/patches/CVE-2020-16156-1.patch: signature
verification type CANNOT_VERIFY was not recognized
in cpan/CPAN/lib/CPAN/Distribution.pm.
- debia/patches/CVE-2020-16156-2.patch: add two new failure modes
in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-3.patch: use gpg
to disentangle data and signature in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-4.patch: replacing die with mydie in
three spots in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-5.patch: disambiguate the call
to gpg --output by adding --verify in
cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-6.patch: corrects typo
in cpan/CPAN/lib/CPAN/Distribution.pm.
- debian/patches/CVE-2020-16156-7.patch: corrects typo
in cpan/CPAN/lib/CPAN/Distribution.pm.
- CVE-2020-16156
Date: 2022-10-06 11:57:09.111932+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/perl/5.30.0-9ubuntu0.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list