Slackware64-13.0 ChangeLog (2018-06-19)

Tue Jun 19 22:35:25 UTC 2018

  • patches/packages/gnupg-1.4.23-x86_64-1_slack13.0.txz
    Sanitize the diagnostic output of the original file name in verbose mode.
    By using a made up file name in the message it was possible to fake status
    messages. Using this technique it was for example possible to fake the
    verification status of a signed mail.
    For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12020
    (* Security fix *)
  • news/2018/06/19/slackware64-13.0-changelog.txt
  • Last modified: 2 years ago
  • by Giuseppe Di Terlizzi