2014-06-29
ALT-BU-2014-2856-1
Branch sisyphus update bulletin.
Closed vulnerabilities
Published: 2014-06-25
BDU:2015-02001
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить доступность защищаемой информации
Severity: MEDIUM (5.0)
References:
Published: 1970-01-01
BDU:2015-02002
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить доступность защищаемой информации
Severity: MEDIUM (5.0)
References:
Published: 2014-06-25
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2014-4617
The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.
Severity: MEDIUM (5.0)
References:
- http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git%3Ba=commit%3Bh=014b2103fcb12f261135e3954f26e9e07b39e342
- http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git%3Ba=commit%3Bh=014b2103fcb12f261135e3954f26e9e07b39e342
- http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git%3Ba=commit%3Bh=11fdfcf82bd8d2b5bc38292a29876e10770f4b0a
- http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git%3Ba=commit%3Bh=11fdfcf82bd8d2b5bc38292a29876e10770f4b0a
- [gnupg-announce] 20140623 [security fix] GnuPG 1.4.17 released
- [gnupg-announce] 20140623 [security fix] GnuPG 1.4.17 released
- [gnupg-announce] 20140624 [security fix] GnuPG 2.0.24 released
- [gnupg-announce] 20140624 [security fix] GnuPG 2.0.24 released
- openSUSE-SU-2014:0866
- openSUSE-SU-2014:0866
- 59213
- 59213
- 59351
- 59351
- 59534
- 59534
- 59578
- 59578
- DSA-2967
- DSA-2967
- DSA-2968
- DSA-2968
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
- USN-2258-1
- USN-2258-1