Package gnupg updated to version 1.4.17-alt1 for branch sisyphus in task 122517.

Published: 2016-07-07
Modified: 2024-07-05

BDU:2015-02001

Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить доступность защищаемой информации

Severity: MEDIUM (5.0) Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Published: 2016-07-07
Modified: 2024-11-28

BDU:2015-02002

Severity: MEDIUM (5.0) Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Published: 2014-06-25
Modified: 2025-04-12

CVE-2014-4617

The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.

Severity: MEDIUM (5.0) Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

References:

Version: 2.1.2

Package gnupg update in sisyphus on 2014-06-28

ALT-PU-2014-1852-1

Closed vulnerabilities

BDU:2015-02001

BDU:2015-02002

CVE-2014-4617