[Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-16155
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Apr 19 19:46:03 BST 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c7917e49 by Salvatore Bonaccorso at 2023-04-19T20:45:33+02:00
Update information for CVE-2020-16155
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -215870,13 +215870,13 @@ CVE-2020-16156 (CPAN 2.28 allows Signature Verification Bypass. ...)
NOTE: https://github.com/andk/cpanpm/commit/7d4d5e32bcd9b75f7bf70a395938a48ca4a06d25 (2.33-TRIAL)
NOTE: https://github.com/andk/cpanpm/commit/89b13baf1d46e4fb10023af30ef305efec4fd603 (2.33-TRIAL)
CVE-2020-16155 (The CPAN::Checksums package 2.12 for Perl does not uniquely define sig ...)
- - libcpan-checksums-perl <unfixed> (bug #1033109)
- [bookworm] - libcpan-checksums-perl <no-dsa> (Minor issue)
+ - libcpan-checksums-perl 2.13-1 (bug #1033109)
[bullseye] - libcpan-checksums-perl <no-dsa> (Minor issue)
[buster] - libcpan-checksums-perl <no-dsa> (Minor issue)
[stretch] - libcpan-checksums-perl <no-dsa> (Minor issue)
NOTE: https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/
NOTE: http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html
+ NOTE: https://github.com/andk/cpan-checksums/commit/9d2f5f26470ff7ce53ef697d09790fc4db451ab1 (2.13)
CVE-2020-16154 (The App::cpanminus package 1.7044 for Perl allows Signature Verificati ...)
- cpanminus 1.7045-1
[bullseye] - cpanminus <no-dsa> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c7917e498ae709d86fce576ec79e78edef5ca035
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c7917e498ae709d86fce576ec79e78edef5ca035
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230419/12a21d03/attachment.htm>
More information about the debian-security-tracker-commits
mailing list