Nome do pacote
gnupg
Data
2013-12-19
ID Alerta
MDVSA-2013:295
Versões afetadas
MES5 i586 , MBS1 x86_64 , MES5 x86_64

Descrição do problema

A vulnerability has been discovered and corrected in gnupg:

Genkin, Shamir and Tromer discovered that RSA key material could be
extracted by using the sound generated by the computer during the
decryption of some chosen ciphertexts (CVE-2013-4576).

The updated packages have been patched to correct this issue.

Pacotes atualizados

MES5 i586

 56ca0c10091545096e9e2a8520a3e9a9  mes5/i586/gnupg-1.4.9-5.4mdvmes5.2.i586.rpm 
 330744e0b7dbd446bb25351b81c2d306  mes5/SRPMS/gnupg-1.4.9-5.4mdvmes5.2.src.rpm

MBS1 x86_64

 902cadfbd900984b6f4c3374bef90d12  mbs1/x86_64/gnupg-1.4.12-3.3.mbs1.x86_64.rpm 
 5c1f71a7c73fd4c820f1b7e596ad5bec  mbs1/SRPMS/gnupg-1.4.12-3.3.mbs1.src.rpm

MES5 x86_64

 08b25e92eb5200e1270d48cb4a39e1fa  mes5/x86_64/gnupg-1.4.9-5.4mdvmes5.2.x86_64.rpm 
 330744e0b7dbd446bb25351b81c2d306  mes5/SRPMS/gnupg-1.4.9-5.4mdvmes5.2.src.rpm

Referências