MGASA-2020-0425 - Updated kleopatra packages fix a security vulnerability

Publication date: 15 Nov 2020
Type: security
Affected Mageia releases: 7
CVE: CVE-2020-24972

The Kleopatra component before 20.07.80 for GnuPG allows remote attackers to
execute arbitrary code because openpgp4fpr: URLs are supported without safe
handling of command-line options. The Qt platformpluginpath command-line
option can be used to load an arbitrary library.

-[email protected]/thread/IRIPL72WMXTVWS2M7WYV5SNPETYJ2YI7/

- 7/core/kleopatra-19.04.0-1.1.mga7