Summary: | <app-crypt/gnupg-2.2.23: Buffer overflow in AEAD preference parser (CVE-2020-25125) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sam James <sam> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | alexander, glsamaker, k_f, polynomial-c, zlogene |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://lists.gnupg.org/pipermail/gnupg-announce/2020q3/000448.html | ||
Whiteboard: | ~2 [noglsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Sam James
2020-09-03 19:26:25 UTC
Needs cleanup. “ If GnuPG version 2.2.21 or 2.2.22 is in use please update ASAP to version 2.2.23. If you are using an older version or a beta of version 2.3 no immediate action is required.” Bug: https://dev.gnupg.org/T5050 *** Bug 740572 has been marked as a duplicate of this bug. *** |