[security fix] GnuPG 2.2.8 released (CVE-2018-12020)
Ben Finney
ben+freesoftware at benfinney.id.au
Fri Jun 8 21:47:15 CEST 2018
Werner Koch <wk at gnupg.org> writes:
> Although GnuPG takes great care to sanitize all diagnostic and status
> output, the case at hand was missed but finally found and reported by
> Marcus Brinkmann. CVE-2018-12020 was assigned to this bug; GnuPG tracks
> it at <https://dev/gnupg.org/T4012>.
Thank you to Marcus, Werner, and all involved in tracking, describing
for an audience, fixing this bug, and releasing the fix.
--
\ “You don't change the world by placidly finding your bliss — |
`\ you do it by focusing your discontent in productive ways.” |
_o__) —Paul Z. Myers, 2011-08-31 |
Ben Finney <ben at benfinney.id.au>
More information about the Gnupg-users
mailing list