11 matches found
SLES9: Security update for gpg
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: gpg For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5020588 within the SuSE...
SLES9: Security update for gpg
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: gpg For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 5020588 within the SuSE...
SuSE9 Security Update : gpg (YOU Patch Number 11464)
When printing a text stream with a GPG signature it was possible for an attacker to create a stream with 'unsigned text, signed text' where both unsigned and signed text would be shown without distinction which one was signed and which part wasn't. This is tracked by the Mitre CVE ID CVE-2007-126...
Debian Security Advisory DSA 1266-1 (gnupg)
The remote host is missing an update to gnupg announced via advisory DSA 1266-1. Gerardo Richarte discovered that GnuPG, a free PGP replacement, provides insufficient user feedback if an OpenPGP message contains both unsigned and signed portions. Inserting text segments into an otherwise signed...
SuSE 10 Security Update : gpg (ZYPP Patch Number 2994)
When printing a text stream with a GPG signature it was possible for an attacker to create a stream with 'unsigned text, signed text' where both unsigned and signed text would be shown without distinction which one was signed and which part wasn't. This is tracked by the Mitre CVE ID CVE-2007-126...
openSUSE 10 Security Update : gpg (gpg-2995)
When printing a text stream with a GPG signature it was possible for an attacker to create a stream with 'unsigned text, signed text' where both unsigned and signed text would be shown without distinction which one was signed and which part wasn't. This is tracked by the Mitre CVE ID CVE-2007-126...
[SECURITY] [DSA 1266-1] New gnupg packages fix signature forgery
-------------------------------------------------------------------------- Debian Security Advisory DSA 1266-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 13th, 2007 http://www.debian.org/security/faq -...
[slackware-security] gnupg
New gnupg packages are available for Slackware 9.0, 9.1, 10.0, 10.1, 10.2, and 11.0 to fix security ramifications of incorrect gpg usage. More details about this issue may be found in the Common Vulnerabilities and Exposures CVE database: https://vulners.com/cve/CVE-2007-1263 Here are the details...
CVE-2007-1263
CVE-2007-1263 affects GnuPG 1.4.6 and earlier and GPGME before 1.1.4. The issue is that, when parsing OpenPGP messages with multiple components, signed and unsigned portions are not visually distinguished, allowing an attacker to forge the contents of a message without detection. The vulnerabilit...
CVE-2007-1263
GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a message without detection...
CentOS 3 / 4 : gnupg (CESA-2007:0106)
Updated GnuPG packages that fix a security issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. GnuPG is a utility for encrypting data and creating digital signatures. Gerardo Richarte discovered that a number of applicatio...