Download
| Alert*
|
oval:org.secpod.oval:def:600091
It was discovered that GnuPG 2 uses a freed pointer when verify a signature or importing a certificate with many Subject Alternate Names, potentially leading to arbitrary code execution. For the stable distribution , this problem has been fixed in version 2.0.9-3.1+lenny1. For the unstable distribut ... oval:org.secpod.oval:def:1500282 An updated gnupg2 package that fixes three security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are a ... oval:org.secpod.oval:def:300036 A vulnerability has been discovered and corrected in gnupg2: Importing a certificate with more than 98 Subject Alternate Names via GPGSM"s import command or implicitly while verifying a signature causes GPGSM to reallocate an array with the names. The bug is that the reallocation code misses assigni ... oval:org.secpod.oval:def:201818 The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with the proposed OpenPGP Internet standard and the S/MIME standard. A use-after-free flaw was found in the way gpgsm, a Cryptographic Message Syntax encryption and signing tool, handled X.509 certificat ... oval:org.secpod.oval:def:700110 It was discovered that GPGSM in GnuPG2 did not correctly handle certificates with a large number of Subject Alternate Names. If a user or automated system were tricked into processing a specially crafted certificate, an attacker could cause a denial of service or execute arbitrary code with privileg ... oval:org.secpod.oval:def:500455 The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with the proposed OpenPGP Internet standard and the S/MIME standard. A use-after-free flaw was found in the way gpgsm, a Cryptographic Message Syntax encryption and signing tool, handled X.509 certificat ... oval:org.mitre.oval:def:11631 It was discovered that GnuPG 2 uses a freed pointer when verifying a signature or importing a certificate with many Subject Alternate Names, potentially leading to arbitrary code execution. oval:org.secpod.oval:def:201810 The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with the proposed OpenPGP Internet standard and the S/MIME standard. A use-after-free flaw was found in the way gpgsm, a Cryptographic Message Syntax encryption and signing tool, handled X.509 certificat ... |
