DebianDEBIAN:DLA-51-1:0DC2F[SECURITY] [DLA 51-1] gnupg2 security update
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
86.0%
Package : gnupg2
Version : 2.0.14-2+squeeze3
CVE ID : CVE-2014-4617
Debian Bug : 752498
Jean-Rene Reinhard, Olivier Levillain and Florian Maury reported that
GnuPG, the GNU Privacy Guard, did not properly parse certain garbled
compressed data packets. A remote attacker could use this flaw to mount
a denial of service against GnuPG by triggering an infinite loop.
Attachment:
signature.asc
Description: Digital signature
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 7 | armhf | scdaemon | < 2.0.19-2+deb7u2 | scdaemon_2.0.19-2+deb7u2_armhf.deb |
| Debian | 7 | mipsel | gpgv | < 1.4.12-7+deb7u4 | gpgv_1.4.12-7+deb7u4_mipsel.deb |
| Debian | 7 | armel | gpgv | < 1.4.12-7+deb7u4 | gpgv_1.4.12-7+deb7u4_armel.deb |
| Debian | 7 | ia64 | gpgv-udeb | < 1.4.12-7+deb7u4 | gpgv-udeb_1.4.12-7+deb7u4_ia64.deb |
| Debian | 7 | s390x | gpgv-udeb | < 1.4.12-7+deb7u4 | gpgv-udeb_1.4.12-7+deb7u4_s390x.deb |
| Debian | 7 | sparc | gnupg-agent | < 2.0.19-2+deb7u2 | gnupg-agent_2.0.19-2+deb7u2_sparc.deb |
| Debian | 7 | ia64 | gnupg | < 1.4.12-7+deb7u4 | gnupg_1.4.12-7+deb7u4_ia64.deb |
| Debian | 7 | powerpc | gpgsm | < 2.0.19-2+deb7u2 | gpgsm_2.0.19-2+deb7u2_powerpc.deb |
| Debian | 7 | amd64 | gpgsm | < 2.0.19-2+deb7u2 | gpgsm_2.0.19-2+deb7u2_amd64.deb |
| Debian | 6 | amd64 | gnupg2 | < 2.0.14-2+squeeze2 | gnupg2_2.0.14-2+squeeze2_amd64.deb |
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
86.0%