- Nom du paquet
- Advisory ID
- Affected versions
- MBS1 x86_64
A vulnerability has been found and corrected in gnupg:
Versions of GnuPG <= 1.4.12 are vulnerable to memory access violations
and public keyring database corruption when importing public keys
that have been manipulated. An OpenPGP key can be fuzzed in such a
way that gpg segfaults (or has other memory access violations) when
importing the key (CVE-2012-6085).
The updated packages have been patched to correct this issue.
Packages for Mandriva Business Server 1 is being provided.
f1a5a0d27ff3bb19a18a999b9c70f76f mbs1/x86_64/gnupg-1.4.12-2.1.mbs1.x86_64.rpm fef5da791d47bff01ed91a2345dc1bc3 mbs1/x86_64/gnupg2-2.0.18-2.1.mbs1.x86_64.rpm ab83e4b619d9ba23f89ec48a61a17562 mbs1/SRPMS/gnupg-1.4.12-2.1.mbs1.src.rpm 965885ac281cc2c73240e12d1e50a412 mbs1/SRPMS/gnupg2-2.0.18-2.1.mbs1.src.rpm