Security fix for CVE-2020-5260
From the upstream release notes:
With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host. The attack has been made impossible by forbidding a newline character in any value passed via the credential protocol.
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2020-c6548b488f
Please login to add feedback.
This update has been submitted for testing by tmz.
This update's test gating status has been changed to 'waiting'.
This update's test gating status has been changed to 'ignored'.
tmz edited this update.
This update has been pushed to testing.
Works fine, no regressions found
no regressions found
This update can be pushed to stable now if the maintainer wishes
This update has been submitted for stable by bodhi.
Looks good to me
Works great, no issues encountered.
This update has been pushed to stable.