[ubuntu/cosmic-updates] python-gnupg 0.4.1-1ubuntu1.18.10.1 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Thu May 2 14:58:08 UTC 2019

python-gnupg (0.4.1-1ubuntu1.18.10.1) cosmic-security; urgency=medium

  * SECURITY UPDATE: Improper input validation
    - debian/patches/CVE-2019-6690-1.patch: Added checks to disallow
      newline-type characters in passphrases.
    - debian/patches/CVE-2019-6690-2.patch: Expand passphrase check to include
      NUL bytes.
    - CVE-2019-6690
  * SECURITY UPDATE: Fake verification status of signed mail
    - debian/patches/CVE-2018-12020.patch: Added --no-verbose to the gpg
      command line
    - CVE-2018-12020

Date: 2019-04-30 21:12:17.089087+00:00
Changed-By: Mike Salvatore <mike.salvatore at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Cosmic-changes mailing list