|
|
Family: Debian Local Security Checks --> Category: infos
[DSA1115] DSA-1115-1 gnupg2 Vulnerability Scan
Vulnerability Scan Summary
DSA-1115-1 gnupg2
Detailed Explanation for this Vulnerability Test
Evgeny Legerov discovered that gnupg, the GNU privacy guard, a free
PGP replacement contains an integer overflow that can cause a
segmentation fault and possibly overwrite memory via a large user ID
string.
For the stable distribution (sarge) this problem has been fixed in
version 1.4.1-1.sarge4 of GnuPG and in version 1.9.15-6sarge1 of GnuPG2.
For the unstable distribution (sid) this problem has been fixed in
version 1.4.3-2 of GnuPG, a fix for GnuPG2 is pending.
We recommend that you upgrade your gnupg package.
Solution : http://www.debian.org/security/2006/dsa-1115
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|
