15 matches found
SUSE SLES12 Security Update : gpg2 (SUSE-SU-2026:0378-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:0378-1 advisory. - CVE-2025-68973: Fixed possile memory corruption in the armor parser T7906 bsc1255715 - Fixed GnuPG Accepting Path Separators and Path Traversals in...
SUSE-SU-2026:0378-1 Security update for gpg2
This update for gpg2 fixes the following issues: - CVE-2025-68973: Fixed possile memory corruption in the armor parser T7906 bsc1255715 - Fixed GnuPG Accepting Path Separators and Path Traversals in Literal Data bsc1256389 - Fixed Cleartext Signature Forgery in the NotDashEscaped header...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : gpg2 (SUSE-SU-2026:0215-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:0215-1 advisory. - CVE-2025-68973: Fix possible memory corruption in the armor parser gpg.fail/memcpybsc1255715. - Avoid...
Security update for gpg2
This update for gpg2 fixes the following issues: CVE-2025-68973: Fix possible memory corruption in the armor parser gpg.fail/memcpybsc1255715. Avoid potential downgrade to SHA1 in 3rd party key signatures gpg.fail/sha1 bsc1256246. Error out on unverified output for non-detached signatures...
Security update for gpg2
This update for gpg2 fixes the following issues: CVE-2025-68973: Fix possible memory corruption in the armor parser gpg.fail/memcpybsc1255715. Avoid potential downgrade to SHA1 in 3rd party key signatures gpg.fail/sha1 bsc1256246. Error out on unverified output for non-detached signatures...
SUSE-SU-2026:0214-1 Security update for gpg2
This update for gpg2 fixes the following issues: - CVE-2025-68973: Fix possible memory corruption in the armor parser gpg.fail/memcpybsc1255715. - Avoid potential downgrade to SHA1 in 3rd party key signatures gpg.fail/sha1 bsc1256246. - Error out on unverified output for non-detached signatures...
openSUSE 16 Security Update : gpg2 (openSUSE-SU-2026:20029-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20029-1 advisory. - CVE-2025-68973: out-of-bounds write when processing specially crafted input in the armor parser can lead to memory corruption bsc1255715. Other securi...
Security update for gpg2 (important)
openSUSE security update: security update for gpg2 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20029-1 Rating: important References: bsc1255715 bsc1256244 bsc1256246 bsc1256390 Cross-References: CVE-2025-68973 CVSS scores: CVE-2025-68973 SUSE : ...
OPENSUSE-SU-2026:20029-1 Security update for gpg2
This update for gpg2 fixes the following issues: - CVE-2025-68973: out-of-bounds write when processing specially crafted input in the armor parser can lead to memory corruption bsc1255715. Other security fixes: - gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures bsc1256246. - gpg...
EUVD-2006-0057
Malware in sbrugna...
SUSE CVE-2006-0049
gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is valid, a different...
Code injection
gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is valid, a different...
CVE-2006-0049
gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is valid, a different...
CVE-2006-0049
gpg in GnuPG before 1.4.2.2 does not properly verify non-detached signatures, which allows attackers to inject unsigned data via a data packet that is not associated with a control packet, which causes the check for concatenated signatures to report that the signature is valid, a different...
GnuPG unsigned data injection
While decoding non-detached with signature within text messages unsigned data behind signature is invalidely decoded as a part of the messages...