USN-3675-2: GnuPG 2 vulnerability

USN-3675-1 fixed a vulnerability in GnuPG 2 for Ubuntu 18.04 LTS and Ubuntu 17.10. This update provides the corresponding update for GnuPG 2 in Ubuntu 16.04 LTS and Ubuntu 14.04 LTS. Original advisory details: Marcus Brinkmann discovered that during decryption or verification, GnuPG did not...

Ubuntu 14.04 LTS / 16.04 LTS : GnuPG 2 vulnerability (USN-3675-2)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3675-2 advisory. USN-3675-1 fixed a vulnerability in GnuPG 2 for Ubuntu 18.04 LTS and Ubuntu 17.10. This update provides the corresponding update for GnuPG 2 in Ubuntu...

Debian DLA-93-1 : libgcrypt11 security update

Daniel Genkin, Itamar Pipman and Eran Tromer discovered that Elgamal encryption subkeys in applications using the libgcrypt11 library, for example GnuPG 2.x, could be leaked via a side-channel attack see http://www.cs.tau.ac.il/tromer/handsoff/. This is fixed in Squeeze in version 1.4.5-2+squeeze...

Tails 1.3 Released, Introduces 'Electrum Bitcoin Wallet'

A new Tails 1.3 has been released with support to a secure Bitcoin wallet. Tails, also known as the 'Amnesic Incognito Live System', is a free security-focused Debian-based Linux distribution, specially designed and optimized to preserve users' anonymity and privacy. Tails operating system came t...

DLA-93-1 libgcrypt11 - security update

Bulletin has no description...

Debian DSA-3073-1 : libgcrypt11 - security update

Daniel Genkin, Itamar Pipman and Eran Tromer discovered that Elgamal encryption subkeys in applications using the libgcrypt11 library, for example GnuPG 2.x, could be leaked via a side-channel attack. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...

CVE-2014-4617

The douncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service infinite loop via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence...

Debian DSA-2730-1 : gnupg - information leak

Yarom and Falkner discovered that RSA secret keys could be leaked via a side channel attack, where a malicious local user could obtain private key information from another user on the system. This update fixes this issue for the 1.4 series of GnuPG. GnuPG 2.x is affected through its use of the...

[SECURITY] [DSA 2731-1] libgcrypt11 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2731-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst July 29, 2013 http://www.debian.org/security/faq -...

Debian: Security Advisory (DSA-2076-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 2076-1 (gnupg2)

The remote host is missing an update to gnupg2 announced via advisory DSA 2076-1. OpenVAS Vulnerability Test $Id: deb20761.nasl 6614 2017-07-07 12:09:12Z cfischer $ Description: Auto-generated from advisory DSA 2076-1 gnupg2 Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...

CVE-2010-2547

Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG 2.x through 2.0.16 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a certificate with a large number of Subject Alternate Names, which is not properly handled in a realloc...

[SECURITY] [DSA 2076-1] New gnupg2 packages fix potential code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-2076-1 [email protected] http://www.debian.org/security/ Florian Weimer July 27, 2010 http://www.debian.org/security/faq -...