Accepted perl 5.32.1-4+deb11u4 (source) into oldstable-security

Mon Oct 21 13:20:20 BST 2024

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 20 Oct 2024 23:53:39 +0200
Source: perl
Architecture: source
Version: 5.32.1-4+deb11u4
Distribution: bullseye-security
Urgency: high
Maintainer: Niko Tyni <ntyni at debian.org>
Changed-By: Guilhem Moulin <guilhem at debian.org>
Closes: 1015985 1035109
Changes:
 perl (5.32.1-4+deb11u4) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * Fix CVE-2020-16156: CPAN.pm: Bypass of verification of signatures in
     CHECKSUMS files. (Closes: #1015985)
   * Fix CVE-2023-31484: CPAN.pm does not verify TLS certificates when
     downloading distributions over HTTPS. (Closes: #1035109)
Checksums-Sha1:
 aff1054c0e8cf3cb16fee3069e2a10795bdcbda5 2893 perl_5.32.1-4+deb11u4.dsc
 54a6edeb0ad3b9a0afe089d85e5e743b730b18c5 871331 perl_5.32.1.orig-regen-configure.tar.gz
 1fb4f710d139da1e1a3e1fa4eaba201fcaa8e18e 12610988 perl_5.32.1.orig.tar.xz
 1a9f3ec534dceb86f90304bcce61fed77438ebe3 170428 perl_5.32.1-4+deb11u4.debian.tar.xz
 fd060fab4a837106e4932e82eb8f0217f2406085 8238 perl_5.32.1-4+deb11u4_amd64.buildinfo
Checksums-Sha256:
 57ac45e316fd4a82e476883c3326f9df7f27ed6ff07cc4541a0600b503742695 2893 perl_5.32.1-4+deb11u4.dsc
 1d179b41283f12ad83f9758430f6ddc49bdf20db5c396aeae7e51ebb4e4afd29 871331 perl_5.32.1.orig-regen-configure.tar.gz
 57cc47c735c8300a8ce2fa0643507b44c4ae59012bfdad0121313db639e02309 12610988 perl_5.32.1.orig.tar.xz
 3fd8c90c0b5a8d4efeb2f2cb03d4c83d9fff90e223d3d1d385754a44cf59f597 170428 perl_5.32.1-4+deb11u4.debian.tar.xz
 9ec83b2dcf52af6b5d0bed191c0c7b94d76b692650ca81b7230ee135fd9b039b 8238 perl_5.32.1-4+deb11u4_amd64.buildinfo
Files:
 545ad3b7ed280a4e714087b3c047b315 2893 perl standard perl_5.32.1-4+deb11u4.dsc
 377ac050e8c90f3361fec97d91e96469 871331 perl standard perl_5.32.1.orig-regen-configure.tar.gz
 7f104064b906ad8c7329ca5e409a32d7 12610988 perl standard perl_5.32.1.orig.tar.xz
 518675f386a529d452a35ea6d2346d1a 170428 perl standard perl_5.32.1-4+deb11u4.debian.tar.xz
 a2684307248dd394e289f00e35ab12bd 8238 perl standard perl_5.32.1-4+deb11u4_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmcVh4IACgkQ05pJnDwh
pVJLow/+JcwOu4QGx9EwfYh+V5aIDQ7id25xx6hGBcYnIcBVYSAUlgzxk73JSdBC
FlRL79QIVBbY6dsZGDiyS3ezg3UioJQWmFW8R1AQXCliwSt1CGhWJcSHSCcfY/kV
vxM5A8YdVtixEcOy1mGHdLwXN4bBf89stIIb1zuGTFHOen6N1tXsfJn4nC9utTTV
NMvf2UDhcvyYonNPUr/bfH2TXpHxD/L2fBQm2eNRusaJB0m/eEXPOhCGk/5LepuW
geAoEJ69taCf4ZpWXjsO12uvwSqYLNZdn2H/X75S0wB/qLvh2yJfV/LqBK+ZAaFm
KggTbW4L9b8z8IlQydeREDNIh+F3C4wIRZDSe3cT5gKj+kOytKtTyC11I9MMjZqP
NZtqMiATcNdeSL2kepJyUN+2VYj6BNVoRVXdPF1eILQDibffWF8x26/2nlX4Yf8b
5X2Q4rsqleQP7pzs0e8hHXr1oIU/NZmonvbdDBEIEQHggvisn3D3+UK0F/apLVNh
mYUgzRdMtC8hwTefuJxP15+LQ7+R61dkXZ+s2jR0POBghs9Bn2rKqvLtl9E2IUPO
8iSb4AWoM0O7bMAABNtvTHs2W7gxvIA80dZAbxeNvyn+VRTO1Sx2iVFpq7n9Mz9x
SNTZHI67PqHGeAc4b5gT10rdTaIYES84lQygCG2cAWRjE/l6Mcs=
=a/+H
-----END PGP SIGNATURE-----

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/perl-maintainers/attachments/20241021/5fca9f08/attachment.sig>