AVG-943 log
Package | gnupg |
Status | Fixed |
Severity | Low |
Type | insufficient validation |
Affected | 2.2.5-1 |
Fixed | 2.2.5-2 |
Current | 2.4.7-1 [core] |
Ticket | None |
Created | Wed Mar 27 14:35:43 2019 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2018-9234 | Low | No | Insufficient validation | When using a GnuPG smartcard in 2.2.4+ with an offline master [C]ertify key, it is possible to sign the keys of others with only a [S]igning subkey present. |