Bug#1033109: libcpan-checksums-perl: CVE-2020-16155
gregor herrmann
gregoa at debian.org
Wed Apr 19 21:28:11 BST 2023
On Wed, 19 Apr 2023 20:43:38 +0200, Salvatore Bonaccorso wrote:
> > 2.13 adds the additional required path component, so maybe you are
> > right and we should consider the CVE addressed on the package side
> > with the addition of the cpan_path key.
>
> Discussed this today with Moritz: Let's do that and consider it fixed
> with the 2.13 introducing change. Much more can probably not be done.
Great, thanks to you and Moritz.
Cheers,
gregor
--
.''`. https://info.comodo.priv.at -- Debian Developer https://www.debian.org
: :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D 85FA BB3A 6801 8649 AA06
`. `' Member VIBE!AT & SPI Inc. -- Supporter Free Software Foundation Europe
`-
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: Digital Signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-perl-maintainers/attachments/20230419/e49f7b57/attachment.sig>
More information about the pkg-perl-maintainers
mailing list