Package name
gnupg
Date
2014-07-09
Advisory ID
MDVSA-2014:127
Affected versions
MBS1 x86_64

Problem description

Updated gnupg and gnupg2 packages fix security vulnerability:

GnuPG versions before 1.4.17 and 2.0.24 are vulnerable to a denial
of service which can be caused by garbled compressed data packets
which may put gpg into an infinite loop (CVE-2014-4617).

Updated packages

MBS1 x86_64

 8bf47fc5000c48ab2ebdbb22324f6233  mbs1/x86_64/gnupg-1.4.12-3.4.mbs1.x86_64.rpm
 917ae5a64551442efb26c38d05413f03  mbs1/x86_64/gnupg2-2.0.18-3.3.mbs1.x86_64.rpm 
 2864106f4f7bae3601754efbe473c78c  mbs1/SRPMS/gnupg-1.4.12-3.4.mbs1.src.rpm
 404b181bd27083edb028e45b4d9f2dfc  mbs1/SRPMS/gnupg2-2.0.18-3.3.mbs1.src.rpm

References