This is an old revision of the document!
Slackware64-14.1 ChangeLog (2018-06-08)
Fri Jun 8 20:37:06 UTC 2018
Packages
Upgraded
- patches/packages/gnupg2-2.0.31-x86_64-1_slack14.1.txz
Sanitize the diagnostic output of the original file name in verbose mode.
By using a made up file name in the message it was possible to fake status
messages. Using this technique it was for example possible to fake the
verification status of a signed mail.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12020
(* Security fix *)