Security
Headlines
HeadlinesLatestCVEs

Headline

Ubuntu Security Notice USN-5689-2

Ubuntu Security Notice 5689-2 - USN-5689-1 fixed a vulnerability in Perl. This update provides the corresponding update for Ubuntu 22.10. It was discovered that Perl incorrectly handled certain signature verification. An remote attacker could possibly use this issue to bypass signature verification.

Packet Storm
#vulnerability#ubuntu#perl

==========================================================================
Ubuntu Security Notice USN-5689-2
November 28, 2022

perl vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 22.10

Summary:

Perl could be made to by pass signature verification.

Software Description:

  • perl: Practical Extraction and Report Language

Details:

USN-5689-1 fixed a vulnerability in Perl.
This update provides the corresponding update for Ubuntu 22.10.

Original advisory details:

It was discovered that Perl incorrectly handled certain signature verification.
An remote attacker could possibly use this issue to bypass signature verification.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.10:
perl 5.34.0-5ubuntu1.1

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5689-2
https://ubuntu.com/security/notices/USN-5689-1
CVE-2020-16156

Package Information:
https://launchpad.net/ubuntu/+source/perl/5.34.0-5ubuntu1.1

Related news

CVE-2023-21850: Oracle Critical Patch Update Advisory - January 2023

Vulnerability in the Oracle Demantra Demand Management product of Oracle Supply Chain (component: E-Business Collections). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Demantra Demand Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Demantra Demand Management accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]

Packet Storm: Latest News

Ubuntu Security Notice USN-7121-3