SigSpoof: Spoofing signatures in GnuPG, Enigmail, GPGTools and python-gnupg (CVE-2018-12020)
https://neopg.io/blog/gpg-signature-spoof/
in short dont use gpg --verbose
on the command line. upgrade everything.
SigSpoof: Spoofing signatures in GnuPG, Enigmail, GPGTools and python-gnupg (CVE-2018-12020)
https://neopg.io/blog/gpg-signature-spoof/
in short dont use gpg --verbose
on the command line. upgrade everything.
Was mentioned before in Whonix forum. Fixed in gpg already. No changes
required.