Updated gnupg & gnupg2 packages fixes CVE-2014-4617
Publication date: 27 Jun 2014Modification date: 27 Jun 2014
Type: security
Affected Mageia releases : 3 , 4
CVE: CVE-2014-4617
Description
Updated gnupg and gnupg2 packages fix security vulnerability: GnuPG versions before 1.4.17 and 2.0.24 are vulnerable to a denial of service which can be caused by garbled compressed data packets which may put gpg into an infinite loop (CVE-2014-4617).
References
SRPMS
3/core
- gnupg-1.4.14-1.3.mga3
- gnupg2-2.0.19-3.3.mga3
4/core
- gnupg-1.4.16-1.1.mga4
- gnupg2-2.0.22-3.1.mga4