This is an old revision of the document!
Slackwarearm-14.2 ChangeLog (2018-06-20)
Wed Jun 20 08:08:08 UTC 2018
Packages
Upgraded
- patches/packages/gnupg-1.4.23-arm-1_slack14.2.txz
Sanitize the diagnostic output of the original file name in verbose mode.
By using a made up file name in the message it was possible to fake status
messages. Using this technique it was for example possible to fake the
verification status of a signed mail.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12020
(* Security fix *)