Download
| Alert*
oval:org.secpod.oval:def:67968
The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. The following packages have been upgraded to a later upstream version: gnupg2 . Security Fix: * GnuPG: interaction between the sks-keyserver code and GnuPG allows for a ... oval:org.secpod.oval:def:1600888 Unenforced configuration allows for apparently valid certifications actually signed by signing subkeysGnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with acc ... oval:org.secpod.oval:def:203142 gnupg2 is installed oval:org.secpod.oval:def:204851 The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Security Fix: * gnupg2: Improper sanitization of filenames allows for the display of fake status messages and the bypass of signature verification For more details abou ... oval:org.secpod.oval:def:507146 The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Security Fix: * gpg: Signature spoofing via status line injection For more details about the security issue, including the impact, a CVSS score, acknowledgments, and ot ... oval:org.secpod.oval:def:507163 The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Security Fix: * gpg: Signature spoofing via status line injection For more details about the security issue, including the impact, a CVSS score, acknowledgments, and ot ... oval:org.secpod.oval:def:504759 The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. The following packages have been upgraded to a later upstream version: gnupg2 . Security Fix: * GnuPG: interaction between the sks-keyserver code and GnuPG allows for a ... oval:org.secpod.oval:def:108715 GnuPG is GNU"s tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440 and the S/MIME standard as described by ... oval:org.secpod.oval:def:19500179 A vulnerability was found in GnuPG. This issue occurs due to an escape detection loop at the write_status_text_and_buffer function in g10/cpr.c. This flaw allows a malicious actor to bypass access control oval:org.secpod.oval:def:115737 GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440 and the S/MIME standard as describe ... oval:org.secpod.oval:def:2500119 The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. oval:org.secpod.oval:def:204849 The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Security Fix: * gnupg2: Improper sanitization of filenames allows for the display of fake status messages and the bypass of signature verification For more details abou ... oval:org.secpod.oval:def:1506023 [2.3.3-2] - Fix CVE-2022-34903 oval:org.secpod.oval:def:1505996 [2.2.20-3] - Fix CVE-2022-34903 oval:org.secpod.oval:def:1600057 The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence. oval:org.secpod.oval:def:2500800 The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. oval:org.secpod.oval:def:5800065 The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Security Fix: * gpg: Signature spoofing via status line injection For more details about the security issue, including the impact, a CVSS score, acknowledgments, and ot ... oval:org.secpod.oval:def:1700995 A vulnerability was found in GnuPG. This issue occurs due to an escape detection loop at the write_status_text_and_buffer function in g10/cpr.c. This flaw allows a malicious actor to bypass access control oval:org.secpod.oval:def:2600083 The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. oval:org.secpod.oval:def:1200177 It was reported that gnupg2 keyring DB code did not reject packets which don"t belong into a keyring, which may lead to invalid read of sizeof . oval:org.secpod.oval:def:21826 The host is installed with GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to properly handle malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence. Successful exploitation allo ... oval:org.secpod.oval:def:202970 The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with the proposed OpenPGP Internet standard and the S/MIME standard. A denial of service flaw was found in the way GnuPG parsed certain compressed OpenPGP packets. An attacker could use this flaw to send ... oval:org.secpod.oval:def:501124 The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with the proposed OpenPGP Internet standard and the S/MIME standard. A denial of service flaw was found in the way GnuPG parsed certain compressed OpenPGP packets. An attacker could use this flaw to send ... oval:org.secpod.oval:def:1500287 An updated gnupg2 package that fixes three security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are a ... oval:org.secpod.oval:def:108761 GnuPG is GNU"s tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440 and the S/MIME standard as described by ... oval:org.secpod.oval:def:107128 GnuPG is GNU"s tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440 and the S/MIME standard as described by ... oval:org.secpod.oval:def:1600239 GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared as if it has all bits set , which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey. The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before ... oval:org.secpod.oval:def:202962 The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with the proposed OpenPGP Internet standard and the S/MIME standard. A denial of service flaw was found in the way GnuPG parsed certain compressed OpenPGP packets. An attacker could use this flaw to send ... oval:org.secpod.oval:def:106019 GnuPG is GNU"s tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440 and the S/MIME standard as described by ... oval:org.secpod.oval:def:107145 GnuPG is GNU"s tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440 and the S/MIME standard as described by ... oval:org.secpod.oval:def:1700164 The do_uncompress function in g10/compress.c allows context-dependent attackers to cause a denial of service via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence. oval:org.secpod.oval:def:114666 GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440 and the S/MIME standard as describe ... oval:org.secpod.oval:def:114660 GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440 and the S/MIME standard as describe ... oval:org.secpod.oval:def:114281 GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440 and the S/MIME standard as describe ... oval:org.secpod.oval:def:502335 The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Security Fix: * gnupg2: Improper sanitization of filenames allows for the display of fake status messages and the bypass of signature verification For more details abou ... oval:org.secpod.oval:def:502334 The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Security Fix: * gnupg2: Improper sanitization of filenames allows for the display of fake status messages and the bypass of signature verification For more details abou ... oval:org.secpod.oval:def:1502272 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502273 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1700066 A data validation flaw was found in the way gnupg processes file names during decryption and signature validation. An attacker may be able to inject messages into gnupg verbose message logging which may have the potential to bypass the integrity of signature authentication mechanisms and could have ... oval:org.secpod.oval:def:114285 GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440 and the S/MIME standard as describe ... oval:org.secpod.oval:def:201818 The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with the proposed OpenPGP Internet standard and the S/MIME standard. A use-after-free flaw was found in the way gpgsm, a Cryptographic Message Syntax encryption and signing tool, handled X.509 certificat ... oval:org.secpod.oval:def:1500282 An updated gnupg2 package that fixes three security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System base scores, which give detailed severity ratings, are a ... oval:org.secpod.oval:def:500455 The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with the proposed OpenPGP Internet standard and the S/MIME standard. A use-after-free flaw was found in the way gpgsm, a Cryptographic Message Syntax encryption and signing tool, handled X.509 certificat ... oval:org.secpod.oval:def:201810 The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with the proposed OpenPGP Internet standard and the S/MIME standard. A use-after-free flaw was found in the way gpgsm, a Cryptographic Message Syntax encryption and signing tool, handled X.509 certificat ... |