Debian Bug report logs -
#1015985
perl: CVE-2020-16156
Package:
src:perl;
Maintainer for src:perl is Niko Tyni <ntyni@debianorg>;
Reported by: Moritz Mühlenhoff <jmm@inutilorg>
Date: Sun, 24 Jul 2022 19:00:02 UTC
Severity: normal
Tags: security
Reply or subscribe to this bug
Toggle useless messagesView this ...
A flaw was found in the way the perl-CPAN performed verification of package signatures stored in CHECKSUMS files A malicious or compromised CPAN server used by a user, or a man-in-the-middle attacker, could use this flaw to bypass signature verification (CVE-2020-16156) ...
A flaw was found in the way the perl-CPAN performed verification of package signatures stored in CHECKSUMS files A malicious or compromised CPAN server used by a user, or a man-in-the-middle attacker, could use this flaw to bypass signature verification (CVE-2020-16156) ...