OVMSA-2018-0239 - gnupg2 security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2018-07-12 |
Description
[2.0.14-9]
- fix CVE-2018-12020 - missing sanitization of original filename
[2.0.14-8]
- fix aborts and default algorithms when running in FIPS mode (#1078957, #966493)
- add missing initialization of libgcrypt in gpgv
- properly encode s2k iteration count in gpg-agent (#638635)
[2.0.14-6]
- fix CVE-2013-4351 gpg treats no-usage-permitted keys as all-usages-permitted
[2.0.14-5]
- fix CVE-2012-6085 GnuPG: read_block() corrupt key input validation
- fix CVE-2013-4402 GnuPG: infinite recursion in the compressed packet parser
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|
| Oracle VM 3.3 (x86_64) | gnupg2-2.0.14-9.el6_10.src.rpm | 2a173a20285a6071e6162f8be37192c954d45d6972165d18d6694388b9bd62d7 | - | ovm3_x86_64_3.3_patch |
| gnupg2-2.0.14-9.el6_10.x86_64.rpm | bdb7f0c5b7824bf7142ad79cb476d0ce04338688bcda8dbf632d79b03ae41f03 | - | ovm3_x86_64_3.3_patch |
|
| Oracle VM 3.4 (x86_64) | gnupg2-2.0.14-9.el6_10.src.rpm | 2a173a20285a6071e6162f8be37192c954d45d6972165d18d6694388b9bd62d7 | - | ovm34_x86_64_latest |
| gnupg2-2.0.14-9.el6_10.x86_64.rpm | bdb7f0c5b7824bf7142ad79cb476d0ce04338688bcda8dbf632d79b03ae41f03 | - | ovm34_x86_64_latest |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
