Lucene search
RedHatRHSA-2010:0603HistoryAug 04, 2010 - 12:00 a.m.
(RHSA-2010:0603) Moderate: gnupg2 security update
2010-08-0400:00:00
access.redhat.com
13
EPSS
0.127
Percentile
95.5%
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and
creating digital signatures, compliant with the proposed OpenPGP Internet
standard and the S/MIME standard.
A use-after-free flaw was found in the way gpgsm, a Cryptographic Message
Syntax (CMS) encryption and signing tool, handled X.509 certificates with
a large number of Subject Alternate Names. A specially-crafted X.509
certificate could, when imported, cause gpgsm to crash or, possibly,
execute arbitrary code. (CVE-2010-2547)
All gnupg2 users should upgrade to this updated package, which contains a
backported patch to correct this issue.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 5 | s390x | gnupg2 | < 2.0.10-3.el5_5.1 | gnupg2-2.0.10-3.el5_5.1.s390x.rpm |
| RedHat | 5 | ppc | gnupg2 | < 2.0.10-3.el5_5.1 | gnupg2-2.0.10-3.el5_5.1.ppc.rpm |
| RedHat | 5 | i386 | gnupg2 | < 2.0.10-3.el5_5.1 | gnupg2-2.0.10-3.el5_5.1.i386.rpm |
| RedHat | 5 | ia64 | gnupg2 | < 2.0.10-3.el5_5.1 | gnupg2-2.0.10-3.el5_5.1.ia64.rpm |
| RedHat | 5 | src | gnupg2 | < 2.0.10-3.el5_5.1 | gnupg2-2.0.10-3.el5_5.1.src.rpm |
| RedHat | 5 | x86_64 | gnupg2 | < 2.0.10-3.el5_5.1 | gnupg2-2.0.10-3.el5_5.1.x86_64.rpm |
Related
debian
debian
[SECURITY] [DSA 2076-1] New gnupg2 packages fix potential code execution
2010-07-27 20:04:48
openvas
openvas
Gentoo Security Advisory GLSA 201110-15 (GnuPG)
2012-02-12 00:00:00
Slackware Advisory SSA:2010-240-01 gnupg2
2012-09-11 00:00:00
RedHat Update for gnupg2 RHSA-2010:0603-01
2010-08-06 00:00:00
nessus
nessus
Debian DSA-2076-1 : gnupg2 - use-after-free
2010-07-29 00:00:00
Ubuntu 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : gnupg2 vulnerability (USN-970-1)
2010-08-12 00:00:00
Fedora 13 : gnupg2-2.0.14-4.fc13 (2010-11413)
2010-08-03 00:00:00
ubuntucve
ubuntucve
CVE-2010-2547
2010-08-05 00:00:00
prion
prion
Design/Logic Flaw
2010-08-05 18:17:00
slackware
slackware
[slackware-security] gnupg2
2010-08-28 16:52:10
centos
centos
gnupg2 security update
2010-08-06 11:35:05
nvd
nvd
CVE-2010-2547
2010-08-05 18:17:57
cvelist
cvelist
CVE-2010-2547
2010-08-05 18:00:00
debiancve
debiancve
CVE-2010-2547
2010-08-05 18:17:57
ubuntu
ubuntu
GnuPG2 vulnerability
2010-08-11 00:00:00
cve
cve
CVE-2010-2547
2010-08-05 18:17:57
oraclelinux
oraclelinux
gnupg2 security update
2010-08-04 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2076-1] New gnupg2 packages fix potential code execution
2010-07-28 00:00:00
PgnuPG use-after-free vulnerability
2010-07-28 00:00:00
gentoo
gentoo
GnuPG: User-assisted execution of arbitrary code
2011-10-22 00:00:00
osv
osv
gpg2-2.1.16-1.1 on GA media
2024-06-15 00:00:00