Bug#1140105: libcrypt-dsa-perl: CVE-2026-12205
gregor herrmann
gregoa at debian.org
Mon Jun 15 22:24:25 BST 2026
On Mon, 15 Jun 2026 22:53:58 +0200, Salvatore Bonaccorso wrote:
>CVE-2026-12205[0]:
>| key material reuse for multiple signing events
>
>I'm opening this at RC level, with the following question: Should
>libcrypt-dsa-perl be removed from unstable and so forky?
Probably yes. No reverse dependencies, low popcon, deprecated
upstream …
Cheers,
gregor
--
.''`. https://info.comodo.priv.at -- Debian Developer https://www.debian.org
: :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D 85FA BB3A 6801 8649 AA06
`. `' Member VIBE!AT & SPI Inc. -- Supporter Free Software Foundation Europe
`-
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: Digital Signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-perl-maintainers/attachments/20260615/278b57ff/attachment.sig>
More information about the pkg-perl-maintainers
mailing list