SUSE-SU-2018:1698-1 -- SLES gpgID: oval:org.secpod.oval:def:89043571 | Date: (C)2021-03-05 (M)2022-10-10 |
Class: PATCH | Family: unix |
This update for gpg2 fixes the following security issue: - CVE-2018-12020: GnuPG mishandled the original filename during decryption and verification actions, which allowed remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the --status-fd 2 option
Platform: |
SUSE Linux Enterprise Server 12 SP3 |
SUSE Linux Enterprise Server 12 SP2 |