SCIENTIFIC-LINUX-ERRATA Archives

July 2018

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
From:
Scott Reid <[log in to unmask]>
Reply To:
Date:
Mon, 16 Jul 2018 15:39:58 -0000
Content-Type:
text/plain
Parts/Attachments:
text/plain (22 lines)
Synopsis:          Important: gnupg2 security update
Advisory ID:       SLSA-2018:2181-1
Issue Date:        2018-07-12
CVE Numbers:       CVE-2018-12020
--

Security Fix(es):

* gnupg2: Improper sanitization of filenames allows for the display of
fake status messages and the bypass of signature verification
(CVE-2018-12020)
--

SL7
  x86_64
    gnupg2-2.0.22-5.el7_5.x86_64.rpm
    gnupg2-debuginfo-2.0.22-5.el7_5.x86_64.rpm
    gnupg2-smime-2.0.22-5.el7_5.x86_64.rpm
    gnupg2-2.0.22-5.el7_5.src.rpm

- Scientific Linux Development Team

ATOM RSS1 RSS2