openSUSE Security Update : gpg2 (openSUSE-2018-640)
High Nessus Plugin ID 110589
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update for gpg2 fixes the following security issue :
- CVE-2018-12020: GnuPG mishandled the original filename during decryption and verification actions, which allowed remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the '--status-fd 2' option (bsc#1096745)
SolutionUpdate the affected gpg2 packages.