diff options
author | Sinan Kaya <okaya@kernel.org> | 2018-09-24 16:08:07 +0000 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-10-10 13:26:25 +0100 |
commit | c8a29e6c8190bdd7f10e96f8e1b351586dee0368 (patch) | |
tree | b9003cc0af13e8b7eec39273f58d9ccd0e9f6513 /meta/recipes-support/libcroco/libcroco_0.6.12.bb | |
parent | 5315ebeded2af486cf95c83ec988287202a3ae2a (diff) | |
download | poky-c8a29e6c8190bdd7f10e96f8e1b351586dee0368.tar.gz |
gnupg: CVE-2018-9234
* CVE-2018-9234
GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key
certification requires an offline master Certify key, which results
in apparently valid certifications that occurred only with access to
a signing subkey.
Affects gnupg <= 2.2.5
CVE: CVE-2018-9234
Ref: https://access.redhat.com/security/cve/cve-2018-9234
(From OE-Core rev: af920831ed1ef607db195372f135cc56e9f53b41)
Signed-off-by: Sinan Kaya <okaya@kernel.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-support/libcroco/libcroco_0.6.12.bb')
0 files changed, 0 insertions, 0 deletions