CVE-2013-4402

Published: 28/10/2013 Updated: 04/01/2014
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

The compressed packet parser in GnuPG 1.4.x prior to 1.4.15 and 2.0.x prior to 2.0.22 allows remote malicious users to cause a denial of service (infinite recursion) via a crafted OpenPGP message.

Vulnerable Product

gnupg gnupg 2.0

gnupg gnupg 2.0.1

gnupg gnupg 2.0.20

gnupg gnupg 2.0.12

gnupg gnupg 2.0.13

gnupg gnupg 1.4.0

gnupg gnupg 1.4.10

gnupg gnupg 1.4.11

gnupg gnupg 1.4.8

gnupg gnupg 2.0.21

gnupg gnupg 1.4.14

gnupg gnupg 2.0.14

gnupg gnupg 2.0.15

gnupg gnupg 1.4.12

gnupg gnupg 1.4.13

gnupg gnupg 2.0.16

gnupg gnupg 2.0.17

gnupg gnupg 1.4.2

gnupg gnupg 1.4.3

gnupg gnupg 2.0.10

gnupg gnupg 2.0.11

gnupg gnupg 2.0.18

gnupg gnupg 2.0.19

gnupg gnupg 1.4.4

gnupg gnupg 1.4.5

canonical ubuntu linux 13.04

canonical ubuntu linux 12.10

canonical ubuntu linux 12.04

canonical ubuntu linux 10.04

Vendor Advisories

Several security issues were fixed in GnuPG ...
Synopsis: Moderate: gnupg security update. Type/Severity: Security Advisory: Moderate. Topic: An updated gnupg package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerabilit ...
Synopsis: Moderate: gnupg2 security update. Type/Severity: Security Advisory: Moderate. Topic: An updated gnupg2 package that fixes three security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnera ...
Debian Bug report logs - #725433 CVE-2013-4402: infinite recursion in the compressed packet parser. Package: gnupg2; Maintainer for gnupg2 is Debian GnuPG Maintainers <pkg-gnupg-maint@lists.alioth.debian.org>; Source for gnupg2 is src:gnupg2 (PTS, buildd, popcon). Reported by: Eric Dorland <eric@debian.org> Date: Sat, ...
Debian Bug report logs - #722722 CVE-2013-4351 gnupg: gpg treats no-usage-permitted keys as all-usages-permitted. Package: gnupg; Maintainer for gnupg is Debian GnuPG Maintainers <pkg-gnupg-maint@lists.alioth.debian.org>; Source for gnupg is src:gnupg2 (PTS, buildd, popcon). Reported by: Daniel Kahn Gillmor <dkg@fifthhorsem ...
Two vulnerabilities were discovered in GnuPG 2, the GNU privacy guard, a free PGP replacement. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-4351: When a key or subkey had its key flags subpacket set to all bits off, GnuPG currently would treat the key as having all bits set. That is, where th ...
Two vulnerabilities were discovered in GnuPG, the GNU privacy guard, a free PGP replacement. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-4351: When a key or subkey had its key flags subpacket set to all bits off, GnuPG currently would treat the key as having all bits set. That is, where the ...
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey. The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 ...
The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message ...