gnupg: CVE-2018-9234 - openembedded-core-contrib - OpenEmbedded Core user contribution trees

diff options

author	Sinan Kaya <okaya@kernel.org>	2018-09-24 16:08:07 +0000
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2018-10-10 13:23:45 +0100
commit	af920831ed1ef607db195372f135cc56e9f53b41 (patch)
tree	f32fd3c55f2305dd979152b81761393f5974ebd0 /meta/recipes-core
parent	a53026f03a1d07cef1d1590c689e036f3ee21026 (diff)
download	openembedded-core-contrib-af920831ed1ef607db195372f135cc56e9f53b41.tar.gz

gnupg: CVE-2018-9234

* CVE-2018-9234 GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey. Affects gnupg <= 2.2.5 CVE: CVE-2018-9234 Ref: https://access.redhat.com/security/cve/cve-2018-9234 Signed-off-by: Sinan Kaya <okaya@kernel.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>

Diffstat (limited to 'meta/recipes-core')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: