Advisories ยป MGASA-2014-0276

Updated gnupg & gnupg2 packages fixes CVE-2014-4617

Publication date: 27 Jun 2014
Modification date: 27 Jun 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-4617

Description

Updated gnupg and gnupg2 packages fix security vulnerability:

GnuPG versions before 1.4.17 and 2.0.24 are vulnerable to a denial of
service which can be caused by garbled compressed data packets which
may put gpg into an infinite loop (CVE-2014-4617).
                

References

SRPMS

3/core

4/core