Module signature file manipulation
Module::Signature adds cryptographic authentications to CPAN distributions,
via the special SIGNATURE file.
- Developed at devel:languages:perl
- Sources inherited from project openSUSE:Factory
-
1
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout openSUSE:Backports:SLE-15-SP4:FactoryCandidates/perl-Module-Signature && cd $_ - Create Badge
Refresh
Refresh
Source Files
| Filename | Size | Changed |
|---|---|---|
| Module-Signature-0.73.tar.gz | 0000077407 75.6 KB | |
| perl-Module-Signature.changes | 0000004670 4.56 KB | |
| perl-Module-Signature.spec | 0000002688 2.63 KB |
Revision 11 (latest revision is 24)
Stephan Kulow (coolo)
accepted
request 185844
from
Stephan Kulow (coolo)
(revision 11)
- fix souce url
- update to 0.73
* fix for bnc#828010 (CVE-2013-2145)
https://bugzilla.novell.com/process_bug.cgi
https://bugzilla.redhat.com/show_bug.cgi?id=971096
* Properly redo the previous fix using File::Spec->file_name_is_absolute.
- [Changes for 0.72 - Wed Jun 5 23:19:02 CST 2013]
* Only allow loading Digest::* from absolute paths in @INC,
by ensuring they begin with \ or / characters.
Contributed by: Florian Weimer (CVE-2013-2145)
- [Changes for 0.71 - Tue Jun 4 18:24:10 CST 2013]
* Constrain the user-specified digest name to /^\w+\d+$/.
* Avoid loading Digest::* from relative paths in @INC.
Contributed by: Florian Weimer (CVE-2013-2145)
- [Changes for 0.70 - Thu Nov 29 01:45:54 CST 2012]
* Don't check gpg version if gpg does not exist.
This avoids unnecessary warnings during installation
when gpg executable is not installed.
Contributed by: Kenichi Ishigaki
- [Changes for 0.69 - Fri Nov 2 23:04:19 CST 2012]
* Support for gpg under these alternate names:
gpg gpg2 gnupg gnupg2
Contributed by: Michael Schwern
Comments 0