Source: libmodule-signature-perl Version: 0.73-1 Severity: grave Tags: security upstream fixed-upstream
Hi, the following vulnerabilities were published for libmodule-signature-perl. CVE-2015-3406[0]: unsigned files interpreted as signed in some circumstances CVE-2015-3407[1]: arbitrary code execution during test phase CVE-2015-3408[2]: arbitrary code execution when verifying module signatures CVE-2015-3409[3]: arbitrary modules loading in some circumstances If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2015-3406 [1] https://security-tracker.debian.org/tracker/CVE-2015-3407 [2] https://security-tracker.debian.org/tracker/CVE-2015-3408 [3] https://security-tracker.debian.org/tracker/CVE-2015-3409 Please adjust the affected versions in the BTS as needed. p.s.: for the pkg-perl team: I planned to look into it for all needed versions, but if somebody beats me to it, just go ahead! Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
