Security update for gpg2
This update for gpg2 fixes the following security issue:
- CVE-2018-12020: GnuPG mishandled the original filename during decryption and
verification actions, which allowed remote attackers to spoof the output that
GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2"
option (bsc#1096745)
-
Submitted by
Vítězslav Čížek (vitezslav_cizek)
Fixed bugs
bnc#1096745
VUL-0: CVE-2018-12020: gpg2: Sanitize the diagnostic output of the original file name in verbose mode
