LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Kernel prepatch 3.9-rc6

LWN.net Weekly Edition for April 4, 2013

LWN.net Weekly Edition for March 28, 2013

A kernel change breaks GlusterFS

PyCon: Evangelizing Python

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

gnupg: memory access violations

Package(s):gnupg CVE #(s):CVE-2012-6085
Created:January 2, 2013 Updated:April 8, 2013
Description: From the Mandriva advisory:

Versions of GnuPG <= 1.4.12 are vulnerable to memory access violations and public keyring database corruption when importing public keys that have been manipulated. An OpenPGP key can be fuzzed in such a way that gpg segfaults (or has other memory access violations) when importing the key.

Alerts:
Mandriva MDVSA-2013:001 2013-01-02
Debian DSA-2601-1 2013-01-06
Mageia MGASA-2013-0003 2013-01-05
Ubuntu USN-1682-1 2013-01-09
Fedora FEDORA-2013-0258 2013-01-12
Fedora FEDORA-2013-0459 2013-01-20
Fedora FEDORA-2013-0477 2013-01-20
Fedora FEDORA-2013-0222 2013-01-20
Mandriva MDVSA-2013:001-1 2013-04-05
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds