[ubuntu/cosmic-updates] python-gnupg 0.4.1-1ubuntu1.18.10.1 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Thu May 2 14:58:08 UTC 2019
python-gnupg (0.4.1-1ubuntu1.18.10.1) cosmic-security; urgency=medium
* SECURITY UPDATE: Improper input validation
- debian/patches/CVE-2019-6690-1.patch: Added checks to disallow
newline-type characters in passphrases.
- debian/patches/CVE-2019-6690-2.patch: Expand passphrase check to include
NUL bytes.
- CVE-2019-6690
* SECURITY UPDATE: Fake verification status of signed mail
- debian/patches/CVE-2018-12020.patch: Added --no-verbose to the gpg
command line
- CVE-2018-12020
Date: 2019-04-30 21:12:17.089087+00:00
Changed-By: Mike Salvatore <mike.salvatore at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/python-gnupg/0.4.1-1ubuntu1.18.10.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Cosmic-changes
mailing list