AVG-1186 log

Package fwupd
Status Fixed
Severity High
Type insufficient validation
Affected 0.1.2-1
Fixed 1.4.0-1
Current 1.9.14-1 [extra]
Ticket None
Created Tue Jun 9 18:18:50 2020
Issue Severity Remote Type Description
CVE-2020-10759 High Yes Insufficient validation
A PGP signature verification bypass has been found in fwupd prior to 1.4.0, and in libjcat <= 0.1.2. The issue is that if a detached signature is actually a...