OESA-2022-1847 gnupg2 security update

GnuPG is a complete and free implementation of the OpenPGP standard as defined by RFC4880 also known as PGP. GnuPG enables encryption and signing of data and communication, and features a versatile key management system as well as access modules for public key directories. Security Fixes: GnuPG...

GnuPG through 2.3.6 in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g. use of GPGME) are met allows signature forgery via injection into the status line.

...

DEBIAN-CVE-2022-34903

GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints e.g., use of GPGME are met, allows signature forgery via injection into the status line...

GnuPG 注入漏洞

GnuPG is a suite of open source cryptographic software from the GNU community under the GNU General Public License. The software supports public key, symmetric encryption, hashing, and other algorithms. Versions of GnuPG prior to 2.3.6 suffer from an injection vulnerability that stems from an...