Back to bug 2035341
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Marian Rehak | 2021-12-23 17:08:57 UTC | Depends On | 2035342 | |
| Marian Rehak | 2021-12-23 17:08:59 UTC | Blocks | 2035343 | |
| Tomas Hoger | 2022-01-05 14:59:39 UTC | Summary | CVE-2020-16154 perl-App-cpanminus: signature verification bypass | CVE-2020-16154 perl-App-cpanminus: Bypass of verification of signatures in CHECKSUMS files |
| Tomas Hoger | 2022-01-05 15:12:40 UTC | Depends On | 2037408, 2037407 | |
| Tomas Hoger | 2022-01-10 09:36:47 UTC | Depends On | 2038837, 2038835, 2038836, 2038834 | |
| Tomas Hoger | 2022-01-10 10:41:29 UTC | Doc Text | A flaw was found in the way the perl-App-cpanminus performed verification of package signatures stored in CHECKSUMS files. A malicious or compromised CPAN server used by the user, or a man-in-the-middle attacker, could use this flaw to bypass signature verification. | |
| Eric Christensen | 2022-01-10 15:26:41 UTC | Doc Text | A flaw was found in the way the perl-App-cpanminus performed verification of package signatures stored in CHECKSUMS files. A malicious or compromised CPAN server used by the user, or a man-in-the-middle attacker, could use this flaw to bypass signature verification. | A flaw was found in the way the perl-App-cpanminus performed verification of package signatures stored in CHECKSUMS files. A malicious or compromised CPAN server used by a user, or a man-in-the-middle attacker, could use this flaw to bypass signature verification. |
| Red Hat Bugzilla | 2023-07-07 08:34:51 UTC | Assignee | security-response-team | nobody |
| Red Hat Bugzilla | 2023-07-21 23:03:17 UTC | CC | mmaslano |
Back to bug 2035341