[ubuntu/cosmic-security] python-gnupg 0.4.1-1ubuntu1.18.10.1 (Accepted)
Mike Salvatore
mike.salvatore at canonical.com
Thu May 2 14:33:38 UTC 2019
python-gnupg (0.4.1-1ubuntu1.18.10.1) cosmic-security; urgency=medium
* SECURITY UPDATE: Improper input validation
- debian/patches/CVE-2019-6690-1.patch: Added checks to disallow
newline-type characters in passphrases.
- debian/patches/CVE-2019-6690-2.patch: Expand passphrase check to include
NUL bytes.
- CVE-2019-6690
* SECURITY UPDATE: Fake verification status of signed mail
- debian/patches/CVE-2018-12020.patch: Added --no-verbose to the gpg
command line
- CVE-2018-12020
Date: 2019-04-30 21:12:17.089087+00:00
Changed-By: Mike Salvatore <mike.salvatore at canonical.com>
https://launchpad.net/ubuntu/+source/python-gnupg/0.4.1-1ubuntu1.18.10.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Cosmic-changes
mailing list