Slackware64-14.0 ChangeLog (2018-06-08)

Fri Jun 8 20:37:06 UTC 2018

  • patches/packages/gnupg2-2.0.31-x86_64-1_slack14.0.txz
    Sanitize the diagnostic output of the original file name in verbose mode.
    By using a made up file name in the message it was possible to fake status
    messages. Using this technique it was for example possible to fake the
    verification status of a signed mail.
    For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12020
    (* Security fix *)
  • news/2018/06/08/slackware64-14.0-changelog.txt
  • Last modified: 11 months ago
  • by Giuseppe Di Terlizzi