Bug#1140105: libcrypt-dsa-perl: CVE-2026-12205
Salvatore Bonaccorso
carnil at debian.org
Tue Jun 16 06:05:34 BST 2026
Hi Gregor,
On Mon, Jun 15, 2026 at 11:24:25PM +0200, gregor herrmann wrote:
> On Mon, 15 Jun 2026 22:53:58 +0200, Salvatore Bonaccorso wrote:
>
> > CVE-2026-12205[0]:
> > | key material reuse for multiple signing events
> >
> > I'm opening this at RC level, with the following question: Should
> > libcrypt-dsa-perl be removed from unstable and so forky?
>
> Probably yes. No reverse dependencies, low popcon, deprecated upstream …
I made separate bug for this, #1140120.
Regards,
Salvatore
More information about the pkg-perl-maintainers
mailing list