Advisories ยป MGASA-2013-0303

Updated gnupg packages fix CVE-2013-4402

Publication date: 09 Oct 2013
Modification date: 09 Oct 2013
Type: security
Affected Mageia releases : 2 , 3
CVE: CVE-2013-4402

Description

Updated gnupg package fixes security vulnerability:

Special crafted input data may be used to cause a denial of service against
GPG. GPG can be forced to recursively parse certain parts of OpenPGP messages
ad infinitum (CVE-2013-4402).
                

References

SRPMS

2/core

3/core