[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 51-1] gnupg2 security update

Package        : gnupg2
Version        : 2.0.14-2+squeeze3
CVE ID         : CVE-2014-4617
Debian Bug     : 752498

Jean-Rene Reinhard, Olivier Levillain and Florian Maury reported that
GnuPG, the GNU Privacy Guard, did not properly parse certain garbled
compressed data packets. A remote attacker could use this flaw to mount
a denial of service against GnuPG by triggering an infinite loop.

Attachment: signature.asc
Description: Digital signature

Reply to: