Bug 42674 - gnupg 1.0.6 out, fixing format string exploit
gnupg 1.0.6 out, fixing format string exploit
Product: Red Hat Linux
Classification: Retired
Component: gnupg (Show other bugs)
All Linux
high Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
Aaron Brown
: Security
Depends On:
  Show dependency treegraph
Reported: 2001-05-29 09:11 EDT by Chris Ricker
Modified: 2007-03-26 23:44 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2001-05-30 09:44:10 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Chris Ricker 2001-05-29 09:11:13 EDT
Description of Problem:

GPG 1.0.5 and prior versions are vulnerable to format string exploits in
non-batch mode.  1.0.6 fixes this, according to the <A
HREF="http://www.gnupg.org/whatsnew.html#rn20010529">GnuPG web page</A>.

Presumably a more informative announcement from Werner is forthcoming....
Comment 1 Chris Ricker 2001-05-29 21:15:27 EDT
Exploits for this have now been posted to bugtraq
Comment 2 Nalin Dahyabhai 2001-05-30 09:44:05 EDT
An errata packages is being prepped.

Note You need to log in before you can comment on or make changes to this bug.