410 matches found
DEBIAN-CVE-2016-6313
The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits...
[SECURITY] Fedora 23 Update: libgcrypt-1.6.6-1.fc23
Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version...
[SECURITY] Fedora 25 Update: libgcrypt-1.6.6-1.fc25
Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version...
[SECURITY] Fedora 24 Update: libgcrypt-1.6.6-1.fc24
Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version...
USN-3064-1 gnupg vulnerability
Felix Dörre and Vladimir Klebanov discovered that GnuPG incorrectly handled mixing functions in the random number generator. An attacker able to obtain 4640 bits from the RNG can trivially predict the next 160 bits of output...
GPG Patches 18-Year-Old Libgcrypt RNG Bug
New versions of Libgcrypt and Gnu Privacy Guard GnuPG or GPG released on Wednesday include security fixes for vulnerabilities discovered in the mixing functions of the Libgcrypt random number generator. The flaws were privately disclosed by Felix Dörre and Vladimir Klebanov of Karlsruhe Institute...
UBUNTU-CVE-2016-6313
The mixing functions in the random number generator in Libgcrypt before 1.5.6, 1.6.x before 1.6.6, and 1.7.x before 1.7.3 and GnuPG before 1.4.21 make it easier for attackers to obtain the values of 160 bits by leveraging knowledge of the previous 4640 bits...
[SECURITY] Fedora 23 Update: libgcrypt-1.6.5-1.fc23
Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version...
[SECURITY] Fedora 24 Update: libgcrypt-1.6.5-1.fc24
Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version...
Gnu Privacy Guard - Dangerous filesystem permissions, Exported ContentProvider, Runtime privilege escalation vulnerabilities
HackApp vulnerability scanner discovered that application Gnu Privacy Guard published at the 'play' market has multiple vulnerabilities...
grub2 security update
CentOS Errata and Security Advisory CESA-2015:2401 Updated grub2 packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scori...
redhat-upgrade-tool: does not check GPG signatures on package installation
It was found that the redhat-upgrade-tool did not check GPG signatures on downloaded and installed packages during the upgrade process...
Simple Streams Disk Forgery Vulnerability
Simple Streams is a library and tool for using simple streaming data. A vulnerability in Simple Streams fails to properly validate the GPG signature of a disk image file. Allowing a remote attacker to forge a disk image with a 403 response...
UBUNTU-CVE-2015-0839
The hp-plugin utility in HP Linux Imaging and Printing HPLIP makes it easier for man-in-the-middle attackers to execute arbitrary code by leveraging use of a short GPG key id from a keyserver to verify print plugin downloads...
Vulnerabilities of the SUSE Linux Enterprise operating system, which allow a malicious individual to compromise the integrity of protected information
The multiple vulnerabilities of the gpg package in the SUSE Linux Enterprise operating system can be exploited, leading to a breach of the integrity of the protected information. These vulnerabilities can be exploited remotely...
The vulnerability of the CentOS operating system allows a malicious attacker to compromise the integrity and accessibility of protected information.
The vulnerability of the gnupg-1.4.5 package of the CentOS operating system can lead to a violation of the integrity and accessibility of protected information. This vulnerability can be exploited remotely...
The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the integrity and accessibility of protected information.
The vulnerability of the gnupg-1.4.5 package of the Red Hat Enterprise Linux operating system can lead to a violation of the integrity and accessibility of protected information. This vulnerability can be exploited remotely...
Vulnerabilities in the OpenSUSE operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities of the gpg package in the OpenSUSE operating system can be exploited, leading to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
The vulnerability of the Red Hat Enterprise Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the gnupg-1.2.6 package for the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...
Vulnerabilities in the OpenSUSE operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the gpg2 package of the OpenSUSE operating system can lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...