Advisories ยป MGASA-2013-0239

Updated gnupg package fixes security vulnerability

Publication date: 03 Aug 2013
Type: security
Affected Mageia releases : 2 , 3
CVE: CVE-2013-4242

Description

Yarom and Falkner discovered that RSA secret keys in applications
using GnuPG 1.x, and using the libgcrypt library, could be leaked via a
side channel attack, where a malicious local user could obtain private
key information from another user on the system (CVE-2013-4242).
                

References

SRPMS

2/core

3/core