The GNU Privacy Guard (GPG) allows crafting a message which could check out correct using “–verify”, but would extract a different, potentially malicious content when using “-o --batch”.
There is no known workaround, please install the update packages.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE | 9.1 | i586 | gpg | < 1.2.4-68.13 | gpg-1.2.4-68.13.i586.rpm |
openSUSE | 9.3 | i586 | gpg | < 1.4.0-4.4 | gpg-1.4.0-4.4.i586.rpm |
openSUSE | 9.1 | x86_64 | gpg | < 1.2.4-68.13 | gpg-1.2.4-68.13.x86_64.rpm |
openSUSE | 10.0 | i586 | gpg | < 1.4.2-5.4 | gpg-1.4.2-5.4.i586.rpm |
openSUSE | 9.2 | x86_64 | gpg | < 1.2.5-3.6 | gpg-1.2.5-3.6.x86_64.rpm |
openSUSE | 10.0 | x86_64 | gpg | < 1.4.2-5.4 | gpg-1.4.2-5.4.x86_64.rpm |
openSUSE | 10.0 | ppc | gpg | < 1.4.2-5.4 | gpg-1.4.2-5.4.ppc.rpm |
openSUSE | 9.2 | i586 | gpg | < 1.2.5-3.6 | gpg-1.2.5-3.6.i586.rpm |
openSUSE | 9.3 | x86_64 | gpg | < 1.4.0-4.4 | gpg-1.4.0-4.4.x86_64.rpm |