Advisories » MGASA-2015-0359

Updated gnupg packages fix security vulnerabilities

Publication date: 13 Sep 2015
Type: security
Affected Mageia releases : 4
CVE: CVE-2015-1606 , CVE-2015-1607


Updated gnupg and gnupg2 packages fix security vulnerabilities:

Hanno Böck discovered that GnuPG incorrectly handled certain malformed
keyrings. If a user or automated system were tricked into opening a
malformed keyring, a remote attacker could use this issue to cause GnuPG to
crash, resulting in a denial of service, or possibly execute arbitrary
code (CVE-2015-1606, CVE-2015-1607).