[El-errata] ELSA-2013-1458 Moderate: Oracle Linux 5 gnupg security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Thu Oct 24 19:45:16 PDT 2013


Oracle Linux Security Advisory ELSA-2013-1458

https://rhn.redhat.com/errata/RHSA-2013-1458.html

The following updated rpms for Oracle Linux 5 have been uploaded to the 
Unbreakable Linux Network:

i386:
gnupg-1.4.5-18.el5_10.i386.rpm

x86_64:
gnupg-1.4.5-18.el5_10.x86_64.rpm

ia64:
gnupg-1.4.5-18.el5_10.ia64.rpm


SRPMS:
http://oss.oracle.com/ol5/SRPMS-updates/gnupg-1.4.5-18.el5_10.src.rpm



Description of changes:

[1.4.5-18]
- fix CVE-2013-4351 gpg treats no-usage-permitted keys as 
all-usages-permitted

[1.4.5-17]
- fix CVE-2012-6085 GnuPG: read_block() corrupt key input validation
- fix CVE-2013-4242 GnuPG susceptible to Yarom/Falkner side-channel attack
- fix CVE-2013-4402 GnuPG: infinite recursion in the compressed packet 
parser

[1.4.5-15]
- fix error when decrypting certain files (#510500)





More information about the El-errata mailing list