Lucene search

CentOS ProjectCESA-2006:0615-01

HistoryAug 03, 2006 - 3:42 a.m.

gnupg security update

2006-08-0303:42:42

CentOS Project

lists.centos.org

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.814 High

EPSS

Percentile

98.4%

JSON

CentOS Errata and Security Advisory CESA-2006:0615-01

GnuPG is a utility for encrypting data and creating digital signatures.

An integer overflow flaw was found in GnuPG. An attacker could create a
carefully crafted message packet with a large length that could cause GnuPG
to crash or possibly overwrite memory when opened. (CVE-2006-3746)

All users of GnuPG are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2006-August/075254.html

Affected packages:
gnupg

OSVersionArchitecturePackageVersionFilename
CentOS2i386gnupg< 1.0.7-18gnupg-1.0.7-18.i386.rpm

OS	Version	Architecture	Package	Version	Filename
CentOS	2	i386	gnupg	< 1.0.7-18	gnupg-1.0.7-18.i386.rpm

References

steadfast.net/

www.ict.swin.edu.au/staff/jnewbigin

rhn.redhat.com/errata/rh21as-errata.html

twitter.com/centos

www.facebook.com/groups/centosproject/

www.linkedin.com/groups/22405

www.reddit.com/r/CentOS/

youtube.com/TheCentOSProject

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.814 High

EPSS

Percentile

98.4%

JSON

Related for CESA-2006:0615-01