21 matches found
RHEL 7 : perl-module-signature (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - perl-Module-Signature: unsigned files interpreted as signed in some circumstances CVE-2015-3406 -...
Mageia: Security Advisory (MGASA-2015-0160)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2013-0184)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : perl-Module-Signature (openSUSE-2016-61)
This update to perl-Module-Signature 0.79 fixes the following security issues : - More protection of @INC from relative paths. CVE-2015-3409 - Fix GPG signature parsing logic. CVE-2015-3406 - MANIFEST.SKIP is no longer consulted unless --skip is given. CVE-2015-3407 - Properly use open modes to...
perl-Module-Signature content spoofing
Unsigned content can be interpreted as a signed...
[ MDVSA-2015:207 ] perl-Module-Signature
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:207 http://www.mandriva.com/en/support/security/ Package : perl-Module-Signature Date : April 27, 2015 Affected: Business Server 1.0 Problem Description: Updated perl-Module-Signature package fixes the...
Mandriva Linux Security Advisory : perl-Module-Signature (MDVSA-2015:207)
Updated perl-Module-Signature package fixes the following security vulnerabilities reported by John Lightsey : Module::Signature could be tricked into interpreting the unsigned portion of a SIGNATURE file as the signed portion due to faulty parsing of the PGP signature boundaries. When verifying...
Fedora 20 : perl-Module-Signature-0.78-1.fc20 / perl-Test-Signature-1.11-1.fc20 (2015-5840)
This update addresses various security issues in perl-Module-Signature as described below. The default behavior is also changed so as to ignore any MANIFEST.SKIP files unless a 'skip' parameter is specified. An updated version of perl-Test-Signature that accounts for the changed default behavior ...
Fedora Update for perl-Module-Signature FEDORA-2015-5840
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for perl-Module-Signature FEDORA-2015-5833
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated perl-Module-Signature packages fix security vulnerabilities
Updated perl-Module-Signature package fixes the following security vulnerabilities reported by John Lightsey: Module::Signature could be tricked into interpreting the unsigned portion of a SIGNATURE file as the signed portion due to faulty parsing of the PGP signature boundaries. When verifying t...
MGASA-2015-0160 Updated perl-Module-Signature packages fix security vulnerabilities
Updated perl-Module-Signature package fixes the following security vulnerabilities reported by John Lightsey: Module::Signature could be tricked into interpreting the unsigned portion of a SIGNATURE file as the signed portion due to faulty parsing of the PGP signature boundaries. When verifying t...
Perl Module-Signature module: Arbitrary code execution
Background The Perl Module::Signature module adds signing capabilities to CPAN modules. Description The ‘cpansign verify’ command will automatically download keys and use them to check the signature of CPAN packages via the SIGNATURE file. If an attacker were to replace this SHA1 with a special...
Fedora 19 : perl-Module-Signature-0.73-1.fc19 (2013-10354)
This update ensures that digest modules are only loaded from absolute paths in @INC, avoiding a potential arbitrary code execution problem CVE-2013-2145. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...
Fedora 18 : perl-Module-Signature-0.73-1.fc18 (2013-10430)
This update ensures that digest modules are only loaded from absolute paths in @INC, avoiding a potential arbitrary code execution problem CVE-2013-2145. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...
Fedora 17 : perl-Module-Signature-0.73-1.fc17 (2013-10415)
This update ensures that digest modules are only loaded from absolute paths in @INC, avoiding a potential arbitrary code execution problem CVE-2013-2145. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...
Mandriva Linux Security Advisory : perl-Module-Signature (MDVSA-2013:185)
Updated perl-Module-Signature package fixes CVE-2013-2145 Arbitrary code execution vulnerability in Module::Signature before 0.72 CVE-2013-2145. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Mandriva Linux Security...
MGASA-2013-0184 Updated perl-Module-Signature package fixes CVE-2013-2145
Arbitrary code execution vulnerability in Module::Signature before 0.72 CVE-2013-2145...
Fedora Update for perl-Module-Signature FEDORA-2013-10415
Check for the Version of perl-Module-Signature OpenVAS Vulnerability Test Fedora Update for perl-Module-Signature FEDORA-2013-10415 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...
Fedora Update for perl-Module-Signature FEDORA-2013-10415
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...