Back to bug 2035273

Who	When	What	Removed	Added
Marian Rehak	2021-12-23 12:51:44 UTC	Depends On		2035274
Marian Rehak	2021-12-23 12:52:10 UTC	Blocks		2035276
Tomas Hoger	2022-01-04 09:56:05 UTC	Summary	CVE-2020-16156 perl-CPAN: allows Signature Verification Bypass	CVE-2020-16156 perl-CPAN: signature verification bypass
Tomas Hoger	2022-01-05 09:13:20 UTC	Summary	CVE-2020-16156 perl-CPAN: signature verification bypass	CVE-2020-16156 perl-CPAN: Bypass of verification of signatures in CHECKSUMS file
Tomas Hoger	2022-01-05 09:14:16 UTC	Fixed In Version		perl-CPAN 2.29
		Summary	CVE-2020-16156 perl-CPAN: Bypass of verification of signatures in CHECKSUMS file	CVE-2020-16156 perl-CPAN: Bypass of verification of signatures in CHECKSUMS files
Tomas Hoger	2022-01-05 09:15:40 UTC	Depends On		2037211
Tomas Hoger	2022-01-07 13:15:57 UTC	Comment	7	updated
Tomas Hoger	2022-01-07 13:16:54 UTC	Comment	7	updated
Tomas Hoger	2022-01-07 18:35:30 UTC	Depends On		2038307, 2038304, 2038306, 2038305
Tomas Hoger	2022-01-10 09:57:25 UTC	Doc Text		A flaw was found in the way the perl-CPAN performed verification of package signatures stored in CHECKSUMS files. A malicious or compromised CPAN server used by the user, or a man-in-the-middle attacker, could use this flaw to bypass signature verification.
Eric Christensen	2022-01-10 15:25:05 UTC	Doc Text	A flaw was found in the way the perl-CPAN performed verification of package signatures stored in CHECKSUMS files. A malicious or compromised CPAN server used by the user, or a man-in-the-middle attacker, could use this flaw to bypass signature verification.	A flaw was found in the way the perl-CPAN performed verification of package signatures stored in CHECKSUMS files. A malicious or compromised CPAN server used by a user, or a man-in-the-middle attacker, could use this flaw to bypass signature verification.
Red Hat Bugzilla	2023-07-07 08:31:13 UTC	Assignee	security-response-team	nobody

Back to bug 2035273