Wind River Support Network

HomeDefectsLIN6-7797

Fixed

LIN6-7797 : Security Advisory - gnupg - CVE-2014-4617

Created: Jun 29, 2014 Updated: Dec 3, 2018

Resolved Date: Jul 22, 2014

Found In Version: 6.0.0.10

Fix Version: 6.0.0.10

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4617

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38