CLD-638 Details

Other IDs this deficiency may be known by:

CVE ID CVE-2018-1000858 (nvd) (mitre) (debian) (archlinux) (red hat) (suse) (ubuntu)
Other ID(s)

Basic Information:

Affected Package(s) gnupg
Deficiency Type SECURITY
Date Created 2018-12-20 16:28:37
Date Last Modified 2018-12-29 11:50:04

Version Specific Information:

Cucumber 1.1 i686 waiting for upstream to publish patch
Cucumber 1.1 x86_64 waiting for upstream to publish patch


This has been fixed upstream in;a=commit;h=4a4bb874f63741026bd26264c43bb32b1099f060

This commit has beena applied in gnupg 2.2.12. We have upgraded to this version
in Cucumber 2.0.

Thie commit is not easily backportable to gnupg 2.1.x (the version used in
Cucumber 1.1), so we will have to wait to see if someone published a proper
patch for that version.