[El-errata] ELSA-2013-1458 Moderate: Oracle Linux 5 gnupg security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Thu Oct 24 19:45:16 PDT 2013
Oracle Linux Security Advisory ELSA-2013-1458
https://rhn.redhat.com/errata/RHSA-2013-1458.html
The following updated rpms for Oracle Linux 5 have been uploaded to the
Unbreakable Linux Network:
i386:
gnupg-1.4.5-18.el5_10.i386.rpm
x86_64:
gnupg-1.4.5-18.el5_10.x86_64.rpm
ia64:
gnupg-1.4.5-18.el5_10.ia64.rpm
SRPMS:
http://oss.oracle.com/ol5/SRPMS-updates/gnupg-1.4.5-18.el5_10.src.rpm
Description of changes:
[1.4.5-18]
- fix CVE-2013-4351 gpg treats no-usage-permitted keys as
all-usages-permitted
[1.4.5-17]
- fix CVE-2012-6085 GnuPG: read_block() corrupt key input validation
- fix CVE-2013-4242 GnuPG susceptible to Yarom/Falkner side-channel attack
- fix CVE-2013-4402 GnuPG: infinite recursion in the compressed packet
parser
[1.4.5-15]
- fix error when decrypting certain files (#510500)
More information about the El-errata
mailing list