Mandriva update for gnupg and gpgme - Advisories

Software Inspectors

	Scan Online

	Personal (PSI)

	Network (NSI 2.0)

Solutions For

	Security Professionals

	Security Vendors

Free Solutions For

	Open Communities

	Journalists & Media

Secunia Advisories

	Search

	Historic Advisories

	Listed By Product

	Listed By Vendor

	Statistics / Graphs

	Secunia Research

	Report Vulnerability

	About Advisories

Virus Information

	Chronological List

	Last 10 Virus Alerts

	About Virus Information

Secunia Customers

	Customer Area

Mandriva update for gnupg and gpgme

Secunia Advisory:	SA24407
Release Date:	2007-03-09

Critical:	Moderately critical
Impact:	Security Bypass
Where:	From remote
Solution Status:	Vendor Patch

OS:	Mandriva Linux 2006 Mandriva Linux 2007.0


CVE reference:	CVE-2007-1263 (Secunia mirror)

	Want to know the next time vulnerabilities are fixed in this product? - Companies can be alerted via email and SMS!

Description: Mandriva has issued an update for gnupg and gpgme. This fixes a vulnerability, which potentially can be exploited by malicious people to bypass certain security restrictions when applications use GnuPG in an insecure manner. For more information: SA24412 Solution: Apply updated packages. Mandriva Linux 2006 ec697754fca080fa53c6c486cd91ba8c 2006.0/i586/gnupg-1.4.7-0.2.20060mdk.i586.rpm f30ab12655598264c10cee92ed76c951 2006.0/SRPMS/gnupg-1.4.7-0.2.20060mdk.src.rpm Mandriva Linux 2006/X86_64 845bfd1f359b7866e73ab2eb8b30b8fe 2006.0/x86_64/gnupg-1.4.7-0.2.20060mdk.x86_64.rpm f30ab12655598264c10cee92ed76c951 2006.0/SRPMS/gnupg-1.4.7-0.2.20060mdk.src.rpm Mandriva Linux 2007 c1b40e8866482c368aab5df228093ab3 2007.0/i586/gnupg-1.4.7-0.2mdv2007.0.i586.rpm 9dbf1a7a48aecb2ece048b47f4c7ade9 2007.0/i586/libgpgme11-1.1.2-2.1mdv2007.0.i586.rpm 3809f32ed3708606e6318fb7feed230d 2007.0/i586/libgpgme11-devel-1.1.2-2.1mdv2007.0.i586.rpm 62d991ccd15ca77ed37ccd4ca1bedba7 2007.0/SRPMS/gnupg-1.4.7-0.2mdv2007.0.src.rpm 31357e977acd83d777df2d77c22094f6 2007.0/SRPMS/gpgme-1.1.2-2.1mdv2007.0.src.rpm Mandriva Linux 2007/X86_64 d5339dd2bc4146dd18c2ab3b4eca028d 2007.0/x86_64/gnupg-1.4.7-0.2mdv2007.0.x86_64.rpm 608bd0a86d6f83927466f23e7d73fa8d 2007.0/x86_64/lib64gpgme11-1.1.2-2.1mdv2007.0.x86_64.rpm 915d2d203fa41ce12bc661d1a89d563b 2007.0/x86_64/lib64gpgme11-devel-1.1.2-2.1mdv2007.0.x86_64.rpm 62d991ccd15ca77ed37ccd4ca1bedba7 2007.0/SRPMS/gnupg-1.4.7-0.2mdv2007.0.src.rpm 31357e977acd83d777df2d77c22094f6 2007.0/SRPMS/gpgme-1.1.2-2.1mdv2007.0.src.rpm Original Advisory: http://www.mandriva.com/security/advisories?name=MDKSA-2007:059 Other References: SA24412: http://secunia.com/advisories/24412/



Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise. Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

367 Related Secunia Security Advisories, displaying 10

1. Mandriva update for rsync

2. Mandriva update for cups

3. Mandriva update for openssh

4. Mandriva update for perl-Tk

5. Mandriva update for sarg

6. Mandriva update for bzip2

7. Mandriva update for krb5

8. Mandriva update for perl-Net-DNS

9. Mandriva update for unzip

10. Mandriva update for gcc

Show all related advisories

Send Feedback to Secunia

If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com. Ideas, suggestions, and other feedback are most welcome.

Secunia PSI
Scan | Patch | Track
Free Download

Secunia Poll

Most Popular Advisories

1.	Mozilla Firefox Multiple Vulnerabilities

2.	Opera for Windows Unspecified Code Execution

3.	VLC Media Player WAV Processing Integer Overflow

4.	Mozilla Thunderbird Multiple Vulnerabilities

5.	Fedora update for glib2

6.	Novell eDirectory ds.dlm Module Buffer Overflow

7.	GNOME Glib PCRE pcre_compile.c Buffer Overflow Vulnerability

8.	Red Hat update for rhpki-common

9.	PCRE pcre_compile.c Buffer Overflow Vulnerability

10.	Drupal Tinytax taxonomy block Script Insertion Vulnerabilities