A cross site request forgery vulnerability was found in gnupg between version 2.1.12 and 2.2.11 resulting in information disclosure or denial of service. Upstream patch: https://github.com/gpg/gnupg/commit/4a4bb874f63741026bd26264c43bb32b1099f060
Created gnupg2 tracking bugs for this issue: Affects: fedora-all [bug 1663918]
References: https://sektioneins.de/en/advisories/advisory-012018-gnupg-wkd.html