Nom du paquet
gnupg
Date
2006-08-14
Advisory ID
MDKSA-2006:141
Affected versions
CS3.0 i586 , MNF2.0 i586 , 2006.0 i586 , 2006.0 x86_64 , CS3.0 x86_64

Problem description

An integer overflow vulnerability was discovered in gnupg where an
attacker could create a carefully-crafted message packet with a large
length that could cause gnupg to crash or possibly overwrite memory
when opened.

Updated packages have been patched to correct this issue.

Updated packages

CS3.0 i586

 48a68f90d599061b4605580c6dfb87c5  corporate/3.0/RPMS/gnupg-1.4.2.2-0.3.C30mdk.i586.rpm
 4948bb972e446f136d8f0c81045a68d6  corporate/3.0/SRPMS/gnupg-1.4.2.2-0.3.C30mdk.src.rpm

MNF2.0 i586

 0d17b96d0b992d95a74c9a215088425b  mnf/2.0/RPMS/gnupg-1.4.2.2-0.4.M20mdk.i586.rpm
 6f752ebe3c8094f11f6bf2d3b7f3cb2e  mnf/2.0/SRPMS/gnupg-1.4.2.2-0.4.M20mdk.src.rpm

2006.0 i586

 dad4f89b0659db5ce5f0ea5346937f84  2006.0/RPMS/gnupg-1.4.2.2-0.3.20060mdk.i586.rpm
 235e259f35fc3e064da19eeafb1928bb  2006.0/RPMS/gnupg2-1.9.16-4.2.20060mdk.i586.rpm
 4868f4809119c3eb251c750082eafb0c  2006.0/SRPMS/gnupg-1.4.2.2-0.3.20060mdk.src.rpm
 e200d2b1d9fd36bf87a2a115921671e1  2006.0/SRPMS/gnupg2-1.9.16-4.2.20060mdk.src.rpm

2006.0 x86_64

 72633103b324b4a6304849b9adde6dee  x86_64/2006.0/RPMS/gnupg-1.4.2.2-0.3.20060mdk.x86_64.rpm
 1080c501a35fb063e45fffca91d1c577  x86_64/2006.0/RPMS/gnupg2-1.9.16-4.2.20060mdk.x86_64.rpm
 4868f4809119c3eb251c750082eafb0c  x86_64/2006.0/SRPMS/gnupg-1.4.2.2-0.3.20060mdk.src.rpm
 e200d2b1d9fd36bf87a2a115921671e1  x86_64/2006.0/SRPMS/gnupg2-1.9.16-4.2.20060mdk.src.rpm

CS3.0 x86_64

 ca85cec5ae88d2a6aa0216aed0f38ffd  x86_64/corporate/3.0/RPMS/gnupg-1.4.2.2-0.3.C30mdk.x86_64.rpm
 4948bb972e446f136d8f0c81045a68d6  x86_64/corporate/3.0/SRPMS/gnupg-1.4.2.2-0.3.C30mdk.src.rpm

References