Security fix for CVE-2020-5260
From the upstream release notes:
With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host. The attack has been made impossible by forbidding a newline character in any value passed via the credential protocol.
sudo dnf upgrade --advisory=FEDORA-2020-cdef88bb89
Please login to add feedback.