OVMSA-2018-0239 - gnupg2 security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2018-07-12 |
Description
[2.0.14-9]
- fix CVE-2018-12020 - missing sanitization of original filename
[2.0.14-8]
- fix aborts and default algorithms when running in FIPS mode (#1078957, #966493)
- add missing initialization of libgcrypt in gpgv
- properly encode s2k iteration count in gpg-agent (#638635)
[2.0.14-6]
- fix CVE-2013-4351 gpg treats no-usage-permitted keys as all-usages-permitted
[2.0.14-5]
- fix CVE-2012-6085 GnuPG: read_block() corrupt key input validation
- fix CVE-2013-4402 GnuPG: infinite recursion in the compressed packet parser
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle VM 3.3 (x86_64) | gnupg2-2.0.14-9.el6_10.src.rpm | 4094d6c3e2516a169c92f9768d1d2d3a | - |
| gnupg2-2.0.14-9.el6_10.x86_64.rpm | b9d18bbcb337f26b024061a777a37491 | - |
|
| Oracle VM 3.4 (x86_64) | gnupg2-2.0.14-9.el6_10.src.rpm | 4094d6c3e2516a169c92f9768d1d2d3a | - |
| gnupg2-2.0.14-9.el6_10.x86_64.rpm | b9d18bbcb337f26b024061a777a37491 | - |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
