gnupg: CVE-2018-9234 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Sinan Kaya <okaya@kernel.org>	2018-09-24 16:08:07 +0000
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2018-10-10 13:26:25 +0100
commit	c8a29e6c8190bdd7f10e96f8e1b351586dee0368 (patch)
tree	b9003cc0af13e8b7eec39273f58d9ccd0e9f6513 /meta/recipes-support/libcroco/libcroco_0.6.12.bb
parent	5315ebeded2af486cf95c83ec988287202a3ae2a (diff)
download	poky-c8a29e6c8190bdd7f10e96f8e1b351586dee0368.tar.gz

gnupg: CVE-2018-9234

* CVE-2018-9234 GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey. Affects gnupg <= 2.2.5 CVE: CVE-2018-9234 Ref: https://access.redhat.com/security/cve/cve-2018-9234 (From OE-Core rev: af920831ed1ef607db195372f135cc56e9f53b41) Signed-off-by: Sinan Kaya <okaya@kernel.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/recipes-support/libcroco/libcroco_0.6.12.bb')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: