[Gpg4win-commits] [git] Gpg4win - branch, website, updated. gpg4win-2.1.0-231-g5561563
by Bernhard E. Reiter
cvs at cvs.gnupg.org
Thu Nov 26 16:20:51 CET 2015
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG for Windows".
The branch, website has been updated
via 5561563b9d4809f12726c2a51aae2ac4145ff6df (commit)
from 37b02273fa190b91f5f6b572eba16b656fbafd1f (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 5561563b9d4809f12726c2a51aae2ac4145ff6df
Author: Bernhard E. Reiter <bernhard at intevation.de>
Date: Thu Nov 26 16:19:26 2015 +0100
Advisory 2015-11-25, phrasing improved.
diff --git a/web/news-20151125.htm4 b/web/news-20151125.htm4
index a79e734..221d113 100644
--- a/web/news-20151125.htm4
+++ b/web/news-20151125.htm4
@@ -43,11 +43,11 @@ bypassing the UAC.
</ol>
<p>
-<b>Mitigation:</b> Update to Gpg4win 2.3.0 (published today)
+<b>Mitigation:</b> Update to Gpg4win 2.3.0 (published at the same date as this advisory)
<p>
<b>General precaution measure:</b>
- Always copy installers into a single new directory where
+ Always copy an installer into a single new directory where
it is the only file before executing it. The reason is that
many other installers based on NSIS or other common installer technologies
on Windows are vulnerable to this kind of 'current directory attack'.
-----------------------------------------------------------------------
Summary of changes:
web/news-20151125.htm4 | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
hooks/post-receive
--
GnuPG for Windows
http://git.gnupg.org
More information about the Gpg4win-commits
mailing list