openSUSE Security Update : gpg2 (openSUSE-2018-640)
Medium Nessus Plugin ID 110589
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update for gpg2 fixes the following security issue :
- CVE-2018-12020: GnuPG mishandled the original filename
during decryption and verification actions, which
allowed remote attackers to spoof the output that GnuPG
sends on file descriptor 2 to other programs that use
the '--status-fd 2' option (bsc#1096745)
SolutionUpdate the affected gpg2 packages.