RHSA-2010:0603-01 -- Redhat gnupg2ID: oval:org.secpod.oval:def:500455 | Date: (C)2012-01-31 (M)2024-02-08 |
Class: PATCH | Family: unix |
The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with the proposed OpenPGP Internet standard and the S/MIME standard. A use-after-free flaw was found in the way gpgsm, a Cryptographic Message Syntax encryption and signing tool, handled X.509 certificates with a large number of Subject Alternate Names. A specially-crafted X.509 certificate could, when imported, cause gpgsm to crash or, possibly, execute arbitrary code. All gnupg2 users should upgrade to this updated package, which contains a backported patch to correct this issue.
Platform: |
Red Hat Enterprise Linux 5 |