SUSE Package Hub - openSUSE-2020-1754

Update Info

openSUSE-2020-1754

Security update for kleopatra

Type: security

Severity: moderate

Issued: 2020-10-28

Description:

This update for kleopatra fixes the following issues:

- CVE-2020-24972: Add upstream patch to prevent potential arbitrary code execution
  (boo#1177932):

This update was imported from the openSUSE:Leap:15.1:Update update project.

References

CVE: CVE-2020-24972
Bugzilla: 1177932 VUL-0: CVE-2020-24972: kleopatra: potential arbitrary code execution due to openpgp4fpr: URLs are supported without safe handling of command-line options

Packages

kleopatra-18.12.3-bp151.3.3.1