Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2013-4351 (GCVE-0-2013-4351)
Vulnerability from cvelistv5 – Published: 2013-10-10 00:00 – Updated: 2024-08-06 16:38
VLAI?
EPSS
Summary
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:01.888Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://thread.gmane.org/gmane.comp.encryption.gpg.devel/17712/focus=18138"
},
{
"name": "openSUSE-SU-2013:1532",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00006.html"
},
{
"name": "USN-1987-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://ubuntu.com/usn/usn-1987-1"
},
{
"name": "DSA-2773",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2773"
},
{
"name": "[oss-security] 20130913 Re: GnuPG treats no-usage-permitted keys as all-usages-permitted",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/09/13/4"
},
{
"name": "RHSA-2013:1459",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1459.html"
},
{
"name": "openSUSE-SU-2013:1526",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00003.html"
},
{
"name": "DSA-2774",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2774"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-02T14:57:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://thread.gmane.org/gmane.comp.encryption.gpg.devel/17712/focus=18138"
},
{
"name": "openSUSE-SU-2013:1532",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00006.html"
},
{
"name": "USN-1987-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://ubuntu.com/usn/usn-1987-1"
},
{
"name": "DSA-2773",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2773"
},
{
"name": "[oss-security] 20130913 Re: GnuPG treats no-usage-permitted keys as all-usages-permitted",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/09/13/4"
},
{
"name": "RHSA-2013:1459",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1459.html"
},
{
"name": "openSUSE-SU-2013:1526",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00003.html"
},
{
"name": "DSA-2774",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2774"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4351",
"datePublished": "2013-10-10T00:00:00",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:38:01.888Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:1.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"28374619-966D-4F38-B83E-A6296F27CC05\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:1.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"22A28CDF-F2AF-4D49-9FB1-AED34A758289\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:1.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6399A22D-90DF-4CB5-9367-0C5242BD1A2B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:1.4.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D63B0B4A-3998-4A4F-AD7A-BB8CEBE897B9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:1.4.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FDA6934A-3D02-4749-A147-BE538C0AF27F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:1.4.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B238CA5-3B4D-4D6A-92CA-39A7CD57AF40\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:1.4.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC6150E3-1D7C-44DA-BA57-35AB26F881B1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:1.4.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3EB20A34-5E11-4D70-B3DE-66DD9863AE0D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:1.4.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA47467D-3D96-46DB-B0AC-D28586829710\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:1.4.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"68B68F2F-0718-4C87-9629-4657DC49EECC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:1.4.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"69D492F9-2064-488A-BD16-99DD865D2BF6\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"47C64072-FC9C-4CA9-9752-3BC08839E319\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:2.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C14D838-595F-4D1C-88B9-073937316923\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:2.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CBF8F2C7-574C-4768-ABAA-E3D9236299CC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:2.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"113D566B-B596-4612-9D11-E238602A603E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:2.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4CFC52C5-1148-4AC6-AAA2-8343E0C2029E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:2.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E07E370B-4D2E-4EEC-A3EB-47AA9283278D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:2.0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E3C52E7-454B-4FE9-9068-87ACB2925A5C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:2.0.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"90B62D8E-3A37-4D7A-B674-06FFD80B86FB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:2.0.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"59D27E52-B850-4BC0-B81A-A031BC50514B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:2.0.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0035132-40B2-4C7E-B6E3-F70117F3FC3B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:2.0.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B2D7B2D-CEBC-42BA-90E0-5C71BA39F5BC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:2.0.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0626EEB2-39B3-4154-9F99-027057B33D1D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:2.0.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"752E350F-E1EB-47CE-95E7-F990F4453BF4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:2.0.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F223B411-B9A6-49D4-A9BA-4FBF74B85A0C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:2.0.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F9C4712-169A-4010-B143-98690803E5BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:2.0.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4E76177-9B90-40F2-AB9D-7C7249DEC497\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:2.0.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A384E132-188E-40AC-84C9-D46A589EE766\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:2.0.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"27BE1F8C-EE11-4E9B-9745-037F3AC7CC63\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:gnupg:gnupg:2.1.0:beta1:*:*:*:*:*:*\", \"matchCriteriaId\": \"10427264-78E1-4FB1-A8EF-BDB0C9822DB5\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.\"}, {\"lang\": \"es\", \"value\": \"GnuPG 1.4.x, y 2.1.x trata un subpaquete de flags clave con todos los bits a 0 (sin uso permitido) como si tuviera todos los bits establecidos (todo uso permitido) lo que permitir\\u00eda a atacantes remotos evadir mecanismos de protecci\\u00f3n criptogr\\u00e1fica intencionada mediante el aprovechamiento de la subclave.\"}]",
"id": "CVE-2013-4351",
"lastModified": "2024-11-21T01:55:24.340",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:N\", \"baseScore\": 5.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 4.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2013-10-10T00:55:15.023",
"references": "[{\"url\": \"http://lists.opensuse.org/opensuse-updates/2013-10/msg00003.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2013-10/msg00006.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2013-1459.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://thread.gmane.org/gmane.comp.encryption.gpg.devel/17712/focus=18138\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://ubuntu.com/usn/usn-1987-1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.debian.org/security/2013/dsa-2773\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.debian.org/security/2013/dsa-2774\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2013/09/13/4\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1010137\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2013-10/msg00003.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2013-10/msg00006.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2013-1459.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://thread.gmane.org/gmane.comp.encryption.gpg.devel/17712/focus=18138\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://ubuntu.com/usn/usn-1987-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2013/dsa-2773\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2013/dsa-2774\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2013/09/13/4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1010137\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-310\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2013-4351\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2013-10-10T00:55:15.023\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.\"},{\"lang\":\"es\",\"value\":\"GnuPG 1.4.x, y 2.1.x trata un subpaquete de flags clave con todos los bits a 0 (sin uso permitido) como si tuviera todos los bits establecidos (todo uso permitido) lo que permitir\u00eda a atacantes remotos evadir mecanismos de protecci\u00f3n criptogr\u00e1fica intencionada mediante el aprovechamiento de la subclave.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:N\",\"baseScore\":5.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-310\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28374619-966D-4F38-B83E-A6296F27CC05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22A28CDF-F2AF-4D49-9FB1-AED34A758289\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6399A22D-90DF-4CB5-9367-0C5242BD1A2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D63B0B4A-3998-4A4F-AD7A-BB8CEBE897B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDA6934A-3D02-4749-A147-BE538C0AF27F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B238CA5-3B4D-4D6A-92CA-39A7CD57AF40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC6150E3-1D7C-44DA-BA57-35AB26F881B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EB20A34-5E11-4D70-B3DE-66DD9863AE0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA47467D-3D96-46DB-B0AC-D28586829710\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68B68F2F-0718-4C87-9629-4657DC49EECC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69D492F9-2064-488A-BD16-99DD865D2BF6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47C64072-FC9C-4CA9-9752-3BC08839E319\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C14D838-595F-4D1C-88B9-073937316923\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBF8F2C7-574C-4768-ABAA-E3D9236299CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"113D566B-B596-4612-9D11-E238602A603E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CFC52C5-1148-4AC6-AAA2-8343E0C2029E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E07E370B-4D2E-4EEC-A3EB-47AA9283278D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E3C52E7-454B-4FE9-9068-87ACB2925A5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90B62D8E-3A37-4D7A-B674-06FFD80B86FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59D27E52-B850-4BC0-B81A-A031BC50514B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0035132-40B2-4C7E-B6E3-F70117F3FC3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B2D7B2D-CEBC-42BA-90E0-5C71BA39F5BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0626EEB2-39B3-4154-9F99-027057B33D1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"752E350F-E1EB-47CE-95E7-F990F4453BF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F223B411-B9A6-49D4-A9BA-4FBF74B85A0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F9C4712-169A-4010-B143-98690803E5BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4E76177-9B90-40F2-AB9D-7C7249DEC497\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A384E132-188E-40AC-84C9-D46A589EE766\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27BE1F8C-EE11-4E9B-9745-037F3AC7CC63\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.1.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"10427264-78E1-4FB1-A8EF-BDB0C9822DB5\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-10/msg00003.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-10/msg00006.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1459.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://thread.gmane.org/gmane.comp.encryption.gpg.devel/17712/focus=18138\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://ubuntu.com/usn/usn-1987-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2013/dsa-2773\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2013/dsa-2774\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2013/09/13/4\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1010137\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-10/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-10/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1459.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://thread.gmane.org/gmane.comp.encryption.gpg.devel/17712/focus=18138\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://ubuntu.com/usn/usn-1987-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2013/dsa-2773\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2013/dsa-2774\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2013/09/13/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1010137\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
RHSA-2013_1458
Vulnerability from csaf_redhat - Published: 2013-10-24 15:16 - Updated: 2024-11-22 07:13Summary
Red Hat Security Advisory: gnupg security update
Notes
Topic
An updated gnupg package that fixes multiple security issues is now
available for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and
creating digital signatures, compliant with the proposed OpenPGP Internet
standard and the S/MIME standard.
It was found that GnuPG was vulnerable to the Yarom/Falkner flush+reload
cache side-channel attack on the RSA secret exponent. An attacker able to
execute a process on the logical CPU that shared the L3 cache with the
GnuPG process (such as a different local user or a user of a KVM guest
running on the same host with the kernel same-page merging functionality
enabled) could possibly use this flaw to obtain portions of the RSA secret
key. (CVE-2013-4242)
A denial of service flaw was found in the way GnuPG parsed certain
compressed OpenPGP packets. An attacker could use this flaw to send
specially crafted input data to GnuPG, making GnuPG enter an infinite loop
when parsing data. (CVE-2013-4402)
It was found that importing a corrupted public key into a GnuPG keyring
database corrupted that keyring. An attacker could use this flaw to trick a
local user into importing a specially crafted public key into their keyring
database, causing the keyring to be corrupted and preventing its further
use. (CVE-2012-6085)
It was found that GnuPG did not properly interpret the key flags in a PGP
key packet. GPG could accept a key for uses not indicated by its holder.
(CVE-2013-4351)
Red Hat would like to thank Werner Koch for reporting the CVE-2013-4402
issue. Upstream acknowledges Taylor R Campbell as the original reporter.
All gnupg users are advised to upgrade to this updated package, which
contains backported patches to correct these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated gnupg package that fixes multiple security issues is now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and\ncreating digital signatures, compliant with the proposed OpenPGP Internet\nstandard and the S/MIME standard.\n\nIt was found that GnuPG was vulnerable to the Yarom/Falkner flush+reload\ncache side-channel attack on the RSA secret exponent. An attacker able to\nexecute a process on the logical CPU that shared the L3 cache with the\nGnuPG process (such as a different local user or a user of a KVM guest\nrunning on the same host with the kernel same-page merging functionality\nenabled) could possibly use this flaw to obtain portions of the RSA secret\nkey. (CVE-2013-4242)\n\nA denial of service flaw was found in the way GnuPG parsed certain\ncompressed OpenPGP packets. An attacker could use this flaw to send\nspecially crafted input data to GnuPG, making GnuPG enter an infinite loop\nwhen parsing data. (CVE-2013-4402)\n\nIt was found that importing a corrupted public key into a GnuPG keyring\ndatabase corrupted that keyring. An attacker could use this flaw to trick a\nlocal user into importing a specially crafted public key into their keyring\ndatabase, causing the keyring to be corrupted and preventing its further\nuse. (CVE-2012-6085)\n\nIt was found that GnuPG did not properly interpret the key flags in a PGP\nkey packet. GPG could accept a key for uses not indicated by its holder.\n(CVE-2013-4351)\n\nRed Hat would like to thank Werner Koch for reporting the CVE-2013-4402\nissue. Upstream acknowledges Taylor R Campbell as the original reporter.\n\nAll gnupg users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2013:1458",
"url": "https://access.redhat.com/errata/RHSA-2013:1458"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "891142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=891142"
},
{
"category": "external",
"summary": "988589",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=988589"
},
{
"category": "external",
"summary": "1010137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
},
{
"category": "external",
"summary": "1015685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015685"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_1458.json"
}
],
"title": "Red Hat Security Advisory: gnupg security update",
"tracking": {
"current_release_date": "2024-11-22T07:13:28+00:00",
"generator": {
"date": "2024-11-22T07:13:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2013:1458",
"initial_release_date": "2013-10-24T15:16:00+00:00",
"revision_history": [
{
"date": "2013-10-24T15:16:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2013-10-24T15:22:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T07:13:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg-0:1.4.5-18.el5_10.s390x",
"product": {
"name": "gnupg-0:1.4.5-18.el5_10.s390x",
"product_id": "gnupg-0:1.4.5-18.el5_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg@1.4.5-18.el5_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"product": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"product_id": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg-debuginfo@1.4.5-18.el5_10?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg-0:1.4.5-18.el5_10.src",
"product": {
"name": "gnupg-0:1.4.5-18.el5_10.src",
"product_id": "gnupg-0:1.4.5-18.el5_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg@1.4.5-18.el5_10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg-0:1.4.5-18.el5_10.x86_64",
"product": {
"name": "gnupg-0:1.4.5-18.el5_10.x86_64",
"product_id": "gnupg-0:1.4.5-18.el5_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg@1.4.5-18.el5_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"product": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"product_id": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg-debuginfo@1.4.5-18.el5_10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg-0:1.4.5-18.el5_10.ia64",
"product": {
"name": "gnupg-0:1.4.5-18.el5_10.ia64",
"product_id": "gnupg-0:1.4.5-18.el5_10.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg@1.4.5-18.el5_10?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"product": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"product_id": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg-debuginfo@1.4.5-18.el5_10?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg-0:1.4.5-18.el5_10.i386",
"product": {
"name": "gnupg-0:1.4.5-18.el5_10.i386",
"product_id": "gnupg-0:1.4.5-18.el5_10.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg@1.4.5-18.el5_10?arch=i386"
}
}
},
{
"category": "product_version",
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"product": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"product_id": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg-debuginfo@1.4.5-18.el5_10?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg-0:1.4.5-18.el5_10.ppc",
"product": {
"name": "gnupg-0:1.4.5-18.el5_10.ppc",
"product_id": "gnupg-0:1.4.5-18.el5_10.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg@1.4.5-18.el5_10?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"product": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"product_id": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg-debuginfo@1.4.5-18.el5_10?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.i386",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.ia64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.ppc",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.s390x",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.src",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.x86_64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.i386",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.ia64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.ppc",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.s390x",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.src",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.x86_64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"relates_to_product_reference": "5Server-5.10.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2012-6085",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2012-12-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "891142"
}
],
"notes": [
{
"category": "description",
"text": "The read_block function in g10/import.c in GnuPG 1.4.x before 1.4.13 and 2.0.x through 2.0.19, when importing a key, allows remote attackers to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length field of an OpenPGP packet.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: read_block() corrupt key input validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-6085"
},
{
"category": "external",
"summary": "RHBZ#891142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=891142"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-6085",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6085"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-6085",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6085"
}
],
"release_date": "2012-12-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-10-24T15:16:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1458"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "GnuPG: read_block() corrupt key input validation"
},
{
"cve": "CVE-2013-4242",
"discovery_date": "2013-07-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "988589"
}
],
"notes": [
{
"category": "description",
"text": "GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG susceptible to Yarom/Falkner flush+reload cache side-channel attack",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the version of gnupg as shipped with Red Hat Enterprise Linux 5. This issue affects the version of libgcrypt as shipped with Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this issue as having moderate security impact, a future update may address this flaw. More technical details on this flaw are available at https://bugzilla.redhat.com/show_bug.cgi?id=988589#c12",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-4242"
},
{
"category": "external",
"summary": "RHBZ#988589",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=988589"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-4242",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4242"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4242",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4242"
},
{
"category": "external",
"summary": "http://eprint.iacr.org/2013/448",
"url": "http://eprint.iacr.org/2013/448"
}
],
"release_date": "2013-07-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-10-24T15:16:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1458"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "GnuPG susceptible to Yarom/Falkner flush+reload cache side-channel attack"
},
{
"cve": "CVE-2013-4351",
"discovery_date": "2013-09-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1010137"
}
],
"notes": [
{
"category": "description",
"text": "GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnupg: treats no-usage-permitted keys as all-usages-permitted",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-4351"
},
{
"category": "external",
"summary": "RHBZ#1010137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-4351",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4351"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4351",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4351"
}
],
"release_date": "2013-03-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-10-24T15:16:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1458"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "gnupg: treats no-usage-permitted keys as all-usages-permitted"
},
{
"acknowledgments": [
{
"names": [
"Werner Koch"
]
},
{
"names": [
"Taylor R Campbell"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2013-4402",
"discovery_date": "2013-10-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1015685"
}
],
"notes": [
{
"category": "description",
"text": "The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: infinite recursion in the compressed packet parser DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-4402"
},
{
"category": "external",
"summary": "RHBZ#1015685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-4402",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4402"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4402",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4402"
}
],
"release_date": "2013-10-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-10-24T15:16:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1458"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "GnuPG: infinite recursion in the compressed packet parser DoS"
}
]
}
RHSA-2013:1459
Vulnerability from csaf_redhat - Published: 2013-10-24 15:21 - Updated: 2025-11-21 17:45Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An updated gnupg2 package that fixes three security issues is now available
for Red Hat Enterprise Linux 5 and 6.
The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and
creating digital signatures, compliant with the proposed OpenPGP Internet
standard and the S/MIME standard.
A denial of service flaw was found in the way GnuPG parsed certain
compressed OpenPGP packets. An attacker could use this flaw to send
specially crafted input data to GnuPG, making GnuPG enter an infinite loop
when parsing data. (CVE-2013-4402)
It was found that importing a corrupted public key into a GnuPG keyring
database corrupted that keyring. An attacker could use this flaw to trick a
local user into importing a specially crafted public key into their keyring
database, causing the keyring to be corrupted and preventing its further
use. (CVE-2012-6085)
It was found that GnuPG did not properly interpret the key flags in a PGP
key packet. GPG could accept a key for uses not indicated by its holder.
(CVE-2013-4351)
Red Hat would like to thank Werner Koch for reporting the CVE-2013-4402
issue. Upstream acknowledges Taylor R Campbell as the original reporter.
All gnupg2 users are advised to upgrade to this updated package, which
contains backported patches to correct these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated gnupg2 package that fixes three security issues is now available\nfor Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and\ncreating digital signatures, compliant with the proposed OpenPGP Internet\nstandard and the S/MIME standard.\n\nA denial of service flaw was found in the way GnuPG parsed certain\ncompressed OpenPGP packets. An attacker could use this flaw to send\nspecially crafted input data to GnuPG, making GnuPG enter an infinite loop\nwhen parsing data. (CVE-2013-4402)\n\nIt was found that importing a corrupted public key into a GnuPG keyring\ndatabase corrupted that keyring. An attacker could use this flaw to trick a\nlocal user into importing a specially crafted public key into their keyring\ndatabase, causing the keyring to be corrupted and preventing its further\nuse. (CVE-2012-6085)\n\nIt was found that GnuPG did not properly interpret the key flags in a PGP\nkey packet. GPG could accept a key for uses not indicated by its holder.\n(CVE-2013-4351)\n\nRed Hat would like to thank Werner Koch for reporting the CVE-2013-4402\nissue. Upstream acknowledges Taylor R Campbell as the original reporter.\n\nAll gnupg2 users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2013:1459",
"url": "https://access.redhat.com/errata/RHSA-2013:1459"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "891142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=891142"
},
{
"category": "external",
"summary": "1010137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
},
{
"category": "external",
"summary": "1015685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015685"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_1459.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2025-11-21T17:45:47+00:00",
"generator": {
"date": "2025-11-21T17:45:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2013:1459",
"initial_release_date": "2013-10-24T15:21:00+00:00",
"revision_history": [
{
"date": "2013-10-24T15:21:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2013-10-24T15:22:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:45:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.10-6.el5_10.src",
"product": {
"name": "gnupg2-0:2.0.10-6.el5_10.src",
"product_id": "gnupg2-0:2.0.10-6.el5_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.10-6.el5_10?arch=src"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.0.14-6.el6_4.src",
"product": {
"name": "gnupg2-0:2.0.14-6.el6_4.src",
"product_id": "gnupg2-0:2.0.14-6.el6_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.14-6.el6_4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.10-6.el5_10.i386",
"product": {
"name": "gnupg2-0:2.0.10-6.el5_10.i386",
"product_id": "gnupg2-0:2.0.10-6.el5_10.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.10-6.el5_10?arch=i386"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"product": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"product_id": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.10-6.el5_10?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.10-6.el5_10.x86_64",
"product": {
"name": "gnupg2-0:2.0.10-6.el5_10.x86_64",
"product_id": "gnupg2-0:2.0.10-6.el5_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.10-6.el5_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"product_id": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.10-6.el5_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"product": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"product_id": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.0.14-6.el6_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"product_id": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.14-6.el6_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"product": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"product_id": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.14-6.el6_4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.10-6.el5_10.ia64",
"product": {
"name": "gnupg2-0:2.0.10-6.el5_10.ia64",
"product_id": "gnupg2-0:2.0.10-6.el5_10.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.10-6.el5_10?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"product": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"product_id": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.10-6.el5_10?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.10-6.el5_10.s390x",
"product": {
"name": "gnupg2-0:2.0.10-6.el5_10.s390x",
"product_id": "gnupg2-0:2.0.10-6.el5_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.10-6.el5_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"product": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"product_id": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.10-6.el5_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"product": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"product_id": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.0.14-6.el6_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"product": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"product_id": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.14-6.el6_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.0.14-6.el6_4.s390x",
"product": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x",
"product_id": "gnupg2-0:2.0.14-6.el6_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.14-6.el6_4?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.10-6.el5_10.ppc",
"product": {
"name": "gnupg2-0:2.0.10-6.el5_10.ppc",
"product_id": "gnupg2-0:2.0.10-6.el5_10.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.10-6.el5_10?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"product": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"product_id": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.10-6.el5_10?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"product": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"product_id": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.0.14-6.el6_4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"product": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"product_id": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.14-6.el6_4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.0.14-6.el6_4.i686",
"product": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686",
"product_id": "gnupg2-0:2.0.14-6.el6_4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.14-6.el6_4?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"product": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"product_id": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.0.14-6.el6_4?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"product": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"product_id": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.14-6.el6_4?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"product": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"product_id": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.14-6.el6_4?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.i386",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.ia64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.ppc",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.s390x",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.src",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.x86_64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.i386",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.ia64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.ppc",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.s390x",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.src",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.x86_64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2012-6085",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2012-12-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "891142"
}
],
"notes": [
{
"category": "description",
"text": "The read_block function in g10/import.c in GnuPG 1.4.x before 1.4.13 and 2.0.x through 2.0.19, when importing a key, allows remote attackers to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length field of an OpenPGP packet.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: read_block() corrupt key input validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-6085"
},
{
"category": "external",
"summary": "RHBZ#891142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=891142"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-6085",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6085"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-6085",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6085"
}
],
"release_date": "2012-12-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-10-24T15:21:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1459"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "GnuPG: read_block() corrupt key input validation"
},
{
"cve": "CVE-2013-4351",
"discovery_date": "2013-09-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1010137"
}
],
"notes": [
{
"category": "description",
"text": "GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnupg: treats no-usage-permitted keys as all-usages-permitted",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-4351"
},
{
"category": "external",
"summary": "RHBZ#1010137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-4351",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4351"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4351",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4351"
}
],
"release_date": "2013-03-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-10-24T15:21:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1459"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "gnupg: treats no-usage-permitted keys as all-usages-permitted"
},
{
"acknowledgments": [
{
"names": [
"Werner Koch"
]
},
{
"names": [
"Taylor R Campbell"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2013-4402",
"discovery_date": "2013-10-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1015685"
}
],
"notes": [
{
"category": "description",
"text": "The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: infinite recursion in the compressed packet parser DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-4402"
},
{
"category": "external",
"summary": "RHBZ#1015685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-4402",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4402"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4402",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4402"
}
],
"release_date": "2013-10-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-10-24T15:21:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1459"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "GnuPG: infinite recursion in the compressed packet parser DoS"
}
]
}
RHSA-2013:1458
Vulnerability from csaf_redhat - Published: 2013-10-24 15:16 - Updated: 2025-11-21 17:45Summary
Red Hat Security Advisory: gnupg security update
Notes
Topic
An updated gnupg package that fixes multiple security issues is now
available for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and
creating digital signatures, compliant with the proposed OpenPGP Internet
standard and the S/MIME standard.
It was found that GnuPG was vulnerable to the Yarom/Falkner flush+reload
cache side-channel attack on the RSA secret exponent. An attacker able to
execute a process on the logical CPU that shared the L3 cache with the
GnuPG process (such as a different local user or a user of a KVM guest
running on the same host with the kernel same-page merging functionality
enabled) could possibly use this flaw to obtain portions of the RSA secret
key. (CVE-2013-4242)
A denial of service flaw was found in the way GnuPG parsed certain
compressed OpenPGP packets. An attacker could use this flaw to send
specially crafted input data to GnuPG, making GnuPG enter an infinite loop
when parsing data. (CVE-2013-4402)
It was found that importing a corrupted public key into a GnuPG keyring
database corrupted that keyring. An attacker could use this flaw to trick a
local user into importing a specially crafted public key into their keyring
database, causing the keyring to be corrupted and preventing its further
use. (CVE-2012-6085)
It was found that GnuPG did not properly interpret the key flags in a PGP
key packet. GPG could accept a key for uses not indicated by its holder.
(CVE-2013-4351)
Red Hat would like to thank Werner Koch for reporting the CVE-2013-4402
issue. Upstream acknowledges Taylor R Campbell as the original reporter.
All gnupg users are advised to upgrade to this updated package, which
contains backported patches to correct these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated gnupg package that fixes multiple security issues is now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and\ncreating digital signatures, compliant with the proposed OpenPGP Internet\nstandard and the S/MIME standard.\n\nIt was found that GnuPG was vulnerable to the Yarom/Falkner flush+reload\ncache side-channel attack on the RSA secret exponent. An attacker able to\nexecute a process on the logical CPU that shared the L3 cache with the\nGnuPG process (such as a different local user or a user of a KVM guest\nrunning on the same host with the kernel same-page merging functionality\nenabled) could possibly use this flaw to obtain portions of the RSA secret\nkey. (CVE-2013-4242)\n\nA denial of service flaw was found in the way GnuPG parsed certain\ncompressed OpenPGP packets. An attacker could use this flaw to send\nspecially crafted input data to GnuPG, making GnuPG enter an infinite loop\nwhen parsing data. (CVE-2013-4402)\n\nIt was found that importing a corrupted public key into a GnuPG keyring\ndatabase corrupted that keyring. An attacker could use this flaw to trick a\nlocal user into importing a specially crafted public key into their keyring\ndatabase, causing the keyring to be corrupted and preventing its further\nuse. (CVE-2012-6085)\n\nIt was found that GnuPG did not properly interpret the key flags in a PGP\nkey packet. GPG could accept a key for uses not indicated by its holder.\n(CVE-2013-4351)\n\nRed Hat would like to thank Werner Koch for reporting the CVE-2013-4402\nissue. Upstream acknowledges Taylor R Campbell as the original reporter.\n\nAll gnupg users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2013:1458",
"url": "https://access.redhat.com/errata/RHSA-2013:1458"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "891142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=891142"
},
{
"category": "external",
"summary": "988589",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=988589"
},
{
"category": "external",
"summary": "1010137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
},
{
"category": "external",
"summary": "1015685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015685"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_1458.json"
}
],
"title": "Red Hat Security Advisory: gnupg security update",
"tracking": {
"current_release_date": "2025-11-21T17:45:43+00:00",
"generator": {
"date": "2025-11-21T17:45:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2013:1458",
"initial_release_date": "2013-10-24T15:16:00+00:00",
"revision_history": [
{
"date": "2013-10-24T15:16:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2013-10-24T15:22:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:45:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg-0:1.4.5-18.el5_10.s390x",
"product": {
"name": "gnupg-0:1.4.5-18.el5_10.s390x",
"product_id": "gnupg-0:1.4.5-18.el5_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg@1.4.5-18.el5_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"product": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"product_id": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg-debuginfo@1.4.5-18.el5_10?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg-0:1.4.5-18.el5_10.src",
"product": {
"name": "gnupg-0:1.4.5-18.el5_10.src",
"product_id": "gnupg-0:1.4.5-18.el5_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg@1.4.5-18.el5_10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg-0:1.4.5-18.el5_10.x86_64",
"product": {
"name": "gnupg-0:1.4.5-18.el5_10.x86_64",
"product_id": "gnupg-0:1.4.5-18.el5_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg@1.4.5-18.el5_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"product": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"product_id": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg-debuginfo@1.4.5-18.el5_10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg-0:1.4.5-18.el5_10.ia64",
"product": {
"name": "gnupg-0:1.4.5-18.el5_10.ia64",
"product_id": "gnupg-0:1.4.5-18.el5_10.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg@1.4.5-18.el5_10?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"product": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"product_id": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg-debuginfo@1.4.5-18.el5_10?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg-0:1.4.5-18.el5_10.i386",
"product": {
"name": "gnupg-0:1.4.5-18.el5_10.i386",
"product_id": "gnupg-0:1.4.5-18.el5_10.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg@1.4.5-18.el5_10?arch=i386"
}
}
},
{
"category": "product_version",
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"product": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"product_id": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg-debuginfo@1.4.5-18.el5_10?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg-0:1.4.5-18.el5_10.ppc",
"product": {
"name": "gnupg-0:1.4.5-18.el5_10.ppc",
"product_id": "gnupg-0:1.4.5-18.el5_10.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg@1.4.5-18.el5_10?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"product": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"product_id": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg-debuginfo@1.4.5-18.el5_10?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.i386",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.ia64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.ppc",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.s390x",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.src",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.x86_64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.i386",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.ia64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.ppc",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.s390x",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.src",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.x86_64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"relates_to_product_reference": "5Server-5.10.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2012-6085",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2012-12-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "891142"
}
],
"notes": [
{
"category": "description",
"text": "The read_block function in g10/import.c in GnuPG 1.4.x before 1.4.13 and 2.0.x through 2.0.19, when importing a key, allows remote attackers to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length field of an OpenPGP packet.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: read_block() corrupt key input validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-6085"
},
{
"category": "external",
"summary": "RHBZ#891142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=891142"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-6085",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6085"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-6085",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6085"
}
],
"release_date": "2012-12-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-10-24T15:16:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1458"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "GnuPG: read_block() corrupt key input validation"
},
{
"cve": "CVE-2013-4242",
"discovery_date": "2013-07-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "988589"
}
],
"notes": [
{
"category": "description",
"text": "GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG susceptible to Yarom/Falkner flush+reload cache side-channel attack",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the version of gnupg as shipped with Red Hat Enterprise Linux 5. This issue affects the version of libgcrypt as shipped with Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this issue as having moderate security impact, a future update may address this flaw. More technical details on this flaw are available at https://bugzilla.redhat.com/show_bug.cgi?id=988589#c12",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-4242"
},
{
"category": "external",
"summary": "RHBZ#988589",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=988589"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-4242",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4242"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4242",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4242"
},
{
"category": "external",
"summary": "http://eprint.iacr.org/2013/448",
"url": "http://eprint.iacr.org/2013/448"
}
],
"release_date": "2013-07-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-10-24T15:16:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1458"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "GnuPG susceptible to Yarom/Falkner flush+reload cache side-channel attack"
},
{
"cve": "CVE-2013-4351",
"discovery_date": "2013-09-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1010137"
}
],
"notes": [
{
"category": "description",
"text": "GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnupg: treats no-usage-permitted keys as all-usages-permitted",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-4351"
},
{
"category": "external",
"summary": "RHBZ#1010137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-4351",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4351"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4351",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4351"
}
],
"release_date": "2013-03-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-10-24T15:16:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1458"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "gnupg: treats no-usage-permitted keys as all-usages-permitted"
},
{
"acknowledgments": [
{
"names": [
"Werner Koch"
]
},
{
"names": [
"Taylor R Campbell"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2013-4402",
"discovery_date": "2013-10-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1015685"
}
],
"notes": [
{
"category": "description",
"text": "The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: infinite recursion in the compressed packet parser DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-4402"
},
{
"category": "external",
"summary": "RHBZ#1015685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-4402",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4402"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4402",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4402"
}
],
"release_date": "2013-10-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-10-24T15:16:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1458"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "GnuPG: infinite recursion in the compressed packet parser DoS"
}
]
}
RHSA-2013_1459
Vulnerability from csaf_redhat - Published: 2013-10-24 15:21 - Updated: 2024-11-22 07:13Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An updated gnupg2 package that fixes three security issues is now available
for Red Hat Enterprise Linux 5 and 6.
The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and
creating digital signatures, compliant with the proposed OpenPGP Internet
standard and the S/MIME standard.
A denial of service flaw was found in the way GnuPG parsed certain
compressed OpenPGP packets. An attacker could use this flaw to send
specially crafted input data to GnuPG, making GnuPG enter an infinite loop
when parsing data. (CVE-2013-4402)
It was found that importing a corrupted public key into a GnuPG keyring
database corrupted that keyring. An attacker could use this flaw to trick a
local user into importing a specially crafted public key into their keyring
database, causing the keyring to be corrupted and preventing its further
use. (CVE-2012-6085)
It was found that GnuPG did not properly interpret the key flags in a PGP
key packet. GPG could accept a key for uses not indicated by its holder.
(CVE-2013-4351)
Red Hat would like to thank Werner Koch for reporting the CVE-2013-4402
issue. Upstream acknowledges Taylor R Campbell as the original reporter.
All gnupg2 users are advised to upgrade to this updated package, which
contains backported patches to correct these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated gnupg2 package that fixes three security issues is now available\nfor Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and\ncreating digital signatures, compliant with the proposed OpenPGP Internet\nstandard and the S/MIME standard.\n\nA denial of service flaw was found in the way GnuPG parsed certain\ncompressed OpenPGP packets. An attacker could use this flaw to send\nspecially crafted input data to GnuPG, making GnuPG enter an infinite loop\nwhen parsing data. (CVE-2013-4402)\n\nIt was found that importing a corrupted public key into a GnuPG keyring\ndatabase corrupted that keyring. An attacker could use this flaw to trick a\nlocal user into importing a specially crafted public key into their keyring\ndatabase, causing the keyring to be corrupted and preventing its further\nuse. (CVE-2012-6085)\n\nIt was found that GnuPG did not properly interpret the key flags in a PGP\nkey packet. GPG could accept a key for uses not indicated by its holder.\n(CVE-2013-4351)\n\nRed Hat would like to thank Werner Koch for reporting the CVE-2013-4402\nissue. Upstream acknowledges Taylor R Campbell as the original reporter.\n\nAll gnupg2 users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2013:1459",
"url": "https://access.redhat.com/errata/RHSA-2013:1459"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "891142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=891142"
},
{
"category": "external",
"summary": "1010137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
},
{
"category": "external",
"summary": "1015685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015685"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_1459.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2024-11-22T07:13:31+00:00",
"generator": {
"date": "2024-11-22T07:13:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2013:1459",
"initial_release_date": "2013-10-24T15:21:00+00:00",
"revision_history": [
{
"date": "2013-10-24T15:21:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2013-10-24T15:22:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T07:13:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.10-6.el5_10.src",
"product": {
"name": "gnupg2-0:2.0.10-6.el5_10.src",
"product_id": "gnupg2-0:2.0.10-6.el5_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.10-6.el5_10?arch=src"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.0.14-6.el6_4.src",
"product": {
"name": "gnupg2-0:2.0.14-6.el6_4.src",
"product_id": "gnupg2-0:2.0.14-6.el6_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.14-6.el6_4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.10-6.el5_10.i386",
"product": {
"name": "gnupg2-0:2.0.10-6.el5_10.i386",
"product_id": "gnupg2-0:2.0.10-6.el5_10.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.10-6.el5_10?arch=i386"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"product": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"product_id": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.10-6.el5_10?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.10-6.el5_10.x86_64",
"product": {
"name": "gnupg2-0:2.0.10-6.el5_10.x86_64",
"product_id": "gnupg2-0:2.0.10-6.el5_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.10-6.el5_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"product_id": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.10-6.el5_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"product": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"product_id": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.0.14-6.el6_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"product_id": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.14-6.el6_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"product": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"product_id": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.14-6.el6_4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.10-6.el5_10.ia64",
"product": {
"name": "gnupg2-0:2.0.10-6.el5_10.ia64",
"product_id": "gnupg2-0:2.0.10-6.el5_10.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.10-6.el5_10?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"product": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"product_id": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.10-6.el5_10?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.10-6.el5_10.s390x",
"product": {
"name": "gnupg2-0:2.0.10-6.el5_10.s390x",
"product_id": "gnupg2-0:2.0.10-6.el5_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.10-6.el5_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"product": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"product_id": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.10-6.el5_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"product": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"product_id": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.0.14-6.el6_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"product": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"product_id": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.14-6.el6_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.0.14-6.el6_4.s390x",
"product": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x",
"product_id": "gnupg2-0:2.0.14-6.el6_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.14-6.el6_4?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.10-6.el5_10.ppc",
"product": {
"name": "gnupg2-0:2.0.10-6.el5_10.ppc",
"product_id": "gnupg2-0:2.0.10-6.el5_10.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.10-6.el5_10?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"product": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"product_id": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.10-6.el5_10?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"product": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"product_id": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.0.14-6.el6_4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"product": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"product_id": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.14-6.el6_4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.0.14-6.el6_4.i686",
"product": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686",
"product_id": "gnupg2-0:2.0.14-6.el6_4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.14-6.el6_4?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"product": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"product_id": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.0.14-6.el6_4?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"product": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"product_id": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.14-6.el6_4?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"product": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"product_id": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.14-6.el6_4?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.i386",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.ia64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.ppc",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.s390x",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.src",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.x86_64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.i386",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.ia64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.ppc",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.s390x",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.src",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.x86_64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2012-6085",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2012-12-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "891142"
}
],
"notes": [
{
"category": "description",
"text": "The read_block function in g10/import.c in GnuPG 1.4.x before 1.4.13 and 2.0.x through 2.0.19, when importing a key, allows remote attackers to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length field of an OpenPGP packet.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: read_block() corrupt key input validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-6085"
},
{
"category": "external",
"summary": "RHBZ#891142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=891142"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-6085",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6085"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-6085",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6085"
}
],
"release_date": "2012-12-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-10-24T15:21:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1459"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "GnuPG: read_block() corrupt key input validation"
},
{
"cve": "CVE-2013-4351",
"discovery_date": "2013-09-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1010137"
}
],
"notes": [
{
"category": "description",
"text": "GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnupg: treats no-usage-permitted keys as all-usages-permitted",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-4351"
},
{
"category": "external",
"summary": "RHBZ#1010137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-4351",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4351"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4351",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4351"
}
],
"release_date": "2013-03-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-10-24T15:21:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1459"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "gnupg: treats no-usage-permitted keys as all-usages-permitted"
},
{
"acknowledgments": [
{
"names": [
"Werner Koch"
]
},
{
"names": [
"Taylor R Campbell"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2013-4402",
"discovery_date": "2013-10-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1015685"
}
],
"notes": [
{
"category": "description",
"text": "The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: infinite recursion in the compressed packet parser DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-4402"
},
{
"category": "external",
"summary": "RHBZ#1015685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-4402",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4402"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4402",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4402"
}
],
"release_date": "2013-10-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-10-24T15:21:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1459"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "GnuPG: infinite recursion in the compressed packet parser DoS"
}
]
}
GHSA-C6GV-GGMM-8J39
Vulnerability from github – Published: 2022-05-17 04:55 – Updated: 2022-05-17 04:55
VLAI?
Details
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.
{
"affected": [],
"aliases": [
"CVE-2013-4351"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2013-10-10T00:55:00Z",
"severity": "MODERATE"
},
"details": "GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.",
"id": "GHSA-c6gv-ggmm-8j39",
"modified": "2022-05-17T04:55:13Z",
"published": "2022-05-17T04:55:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4351"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00003.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00006.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1459.html"
},
{
"type": "WEB",
"url": "http://thread.gmane.org/gmane.comp.encryption.gpg.devel/17712/focus=18138"
},
{
"type": "WEB",
"url": "http://ubuntu.com/usn/usn-1987-1"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2013/dsa-2773"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2013/dsa-2774"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2013/09/13/4"
}
],
"schema_version": "1.4.0",
"severity": []
}
FKIE_CVE-2013-4351
Vulnerability from fkie_nvd - Published: 2013-10-10 00:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnupg | gnupg | 1.4.0 | |
| gnupg | gnupg | 1.4.2 | |
| gnupg | gnupg | 1.4.3 | |
| gnupg | gnupg | 1.4.4 | |
| gnupg | gnupg | 1.4.5 | |
| gnupg | gnupg | 1.4.6 | |
| gnupg | gnupg | 1.4.8 | |
| gnupg | gnupg | 1.4.10 | |
| gnupg | gnupg | 1.4.11 | |
| gnupg | gnupg | 1.4.12 | |
| gnupg | gnupg | 1.4.13 | |
| gnupg | gnupg | 2.0 | |
| gnupg | gnupg | 2.0.1 | |
| gnupg | gnupg | 2.0.3 | |
| gnupg | gnupg | 2.0.4 | |
| gnupg | gnupg | 2.0.5 | |
| gnupg | gnupg | 2.0.6 | |
| gnupg | gnupg | 2.0.7 | |
| gnupg | gnupg | 2.0.8 | |
| gnupg | gnupg | 2.0.10 | |
| gnupg | gnupg | 2.0.11 | |
| gnupg | gnupg | 2.0.12 | |
| gnupg | gnupg | 2.0.13 | |
| gnupg | gnupg | 2.0.14 | |
| gnupg | gnupg | 2.0.15 | |
| gnupg | gnupg | 2.0.16 | |
| gnupg | gnupg | 2.0.17 | |
| gnupg | gnupg | 2.0.18 | |
| gnupg | gnupg | 2.0.19 | |
| gnupg | gnupg | 2.1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnupg:gnupg:1.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "28374619-966D-4F38-B83E-A6296F27CC05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "22A28CDF-F2AF-4D49-9FB1-AED34A758289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:1.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6399A22D-90DF-4CB5-9367-0C5242BD1A2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:1.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D63B0B4A-3998-4A4F-AD7A-BB8CEBE897B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FDA6934A-3D02-4749-A147-BE538C0AF27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:1.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8B238CA5-3B4D-4D6A-92CA-39A7CD57AF40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:1.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DC6150E3-1D7C-44DA-BA57-35AB26F881B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:1.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3EB20A34-5E11-4D70-B3DE-66DD9863AE0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:1.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "CA47467D-3D96-46DB-B0AC-D28586829710",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:1.4.12:*:*:*:*:*:*:*",
"matchCriteriaId": "68B68F2F-0718-4C87-9629-4657DC49EECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:1.4.13:*:*:*:*:*:*:*",
"matchCriteriaId": "69D492F9-2064-488A-BD16-99DD865D2BF6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnupg:gnupg:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "47C64072-FC9C-4CA9-9752-3BC08839E319",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7C14D838-595F-4D1C-88B9-073937316923",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CBF8F2C7-574C-4768-ABAA-E3D9236299CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "113D566B-B596-4612-9D11-E238602A603E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4CFC52C5-1148-4AC6-AAA2-8343E0C2029E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E07E370B-4D2E-4EEC-A3EB-47AA9283278D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6E3C52E7-454B-4FE9-9068-87ACB2925A5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "90B62D8E-3A37-4D7A-B674-06FFD80B86FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "59D27E52-B850-4BC0-B81A-A031BC50514B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:2.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "A0035132-40B2-4C7E-B6E3-F70117F3FC3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "3B2D7B2D-CEBC-42BA-90E0-5C71BA39F5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "0626EEB2-39B3-4154-9F99-027057B33D1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:2.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "752E350F-E1EB-47CE-95E7-F990F4453BF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:2.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F223B411-B9A6-49D4-A9BA-4FBF74B85A0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:2.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "0F9C4712-169A-4010-B143-98690803E5BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:2.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "F4E76177-9B90-40F2-AB9D-7C7249DEC497",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:2.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "A384E132-188E-40AC-84C9-D46A589EE766",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:2.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "27BE1F8C-EE11-4E9B-9745-037F3AC7CC63",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnupg:gnupg:2.1.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "10427264-78E1-4FB1-A8EF-BDB0C9822DB5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey."
},
{
"lang": "es",
"value": "GnuPG 1.4.x, y 2.1.x trata un subpaquete de flags clave con todos los bits a 0 (sin uso permitido) como si tuviera todos los bits establecidos (todo uso permitido) lo que permitir\u00eda a atacantes remotos evadir mecanismos de protecci\u00f3n criptogr\u00e1fica intencionada mediante el aprovechamiento de la subclave."
}
],
"id": "CVE-2013-4351",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-10T00:55:15.023",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00003.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00006.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1459.html"
},
{
"source": "secalert@redhat.com",
"url": "http://thread.gmane.org/gmane.comp.encryption.gpg.devel/17712/focus=18138"
},
{
"source": "secalert@redhat.com",
"url": "http://ubuntu.com/usn/usn-1987-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2013/dsa-2773"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2013/dsa-2774"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2013/09/13/4"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1459.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://thread.gmane.org/gmane.comp.encryption.gpg.devel/17712/focus=18138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://ubuntu.com/usn/usn-1987-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2013/dsa-2773"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2013/dsa-2774"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2013/09/13/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GSD-2013-4351
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2013-4351",
"description": "GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.",
"id": "GSD-2013-4351",
"references": [
"https://www.suse.com/security/cve/CVE-2013-4351.html",
"https://www.debian.org/security/2013/dsa-2773",
"https://www.debian.org/security/2013/dsa-2774",
"https://access.redhat.com/errata/RHSA-2013:1459",
"https://access.redhat.com/errata/RHSA-2013:1458",
"https://advisories.mageia.org/CVE-2013-4351.html",
"https://alas.aws.amazon.com/cve/html/CVE-2013-4351.html",
"https://linux.oracle.com/cve/CVE-2013-4351.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2013-4351"
],
"details": "GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.",
"id": "GSD-2013-4351",
"modified": "2023-12-13T01:22:15.935159Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4351",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://rhn.redhat.com/errata/RHSA-2013-1459.html",
"refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1459.html"
},
{
"name": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00003.html",
"refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00003.html"
},
{
"name": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00006.html",
"refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00006.html"
},
{
"name": "http://thread.gmane.org/gmane.comp.encryption.gpg.devel/17712/focus=18138",
"refsource": "MISC",
"url": "http://thread.gmane.org/gmane.comp.encryption.gpg.devel/17712/focus=18138"
},
{
"name": "http://ubuntu.com/usn/usn-1987-1",
"refsource": "MISC",
"url": "http://ubuntu.com/usn/usn-1987-1"
},
{
"name": "http://www.debian.org/security/2013/dsa-2773",
"refsource": "MISC",
"url": "http://www.debian.org/security/2013/dsa-2773"
},
{
"name": "http://www.debian.org/security/2013/dsa-2774",
"refsource": "MISC",
"url": "http://www.debian.org/security/2013/dsa-2774"
},
{
"name": "http://www.openwall.com/lists/oss-security/2013/09/13/4",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2013/09/13/4"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.1.0:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4351"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137",
"refsource": "CONFIRM",
"tags": [],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
},
{
"name": "http://thread.gmane.org/gmane.comp.encryption.gpg.devel/17712/focus=18138",
"refsource": "CONFIRM",
"tags": [],
"url": "http://thread.gmane.org/gmane.comp.encryption.gpg.devel/17712/focus=18138"
},
{
"name": "USN-1987-1",
"refsource": "UBUNTU",
"tags": [],
"url": "http://ubuntu.com/usn/usn-1987-1"
},
{
"name": "[oss-security] 20130913 Re: GnuPG treats no-usage-permitted keys as all-usages-permitted",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2013/09/13/4"
},
{
"name": "openSUSE-SU-2013:1532",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00006.html"
},
{
"name": "openSUSE-SU-2013:1526",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00003.html"
},
{
"name": "DSA-2773",
"refsource": "DEBIAN",
"tags": [],
"url": "http://www.debian.org/security/2013/dsa-2773"
},
{
"name": "DSA-2774",
"refsource": "DEBIAN",
"tags": [],
"url": "http://www.debian.org/security/2013/dsa-2774"
},
{
"name": "RHSA-2013:1459",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1459.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2014-01-04T04:48Z",
"publishedDate": "2013-10-10T00:55Z"
}
}
}
OPENSUSE-SU-2024:10102-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
gpg2-2.1.16-1.1 on GA media
Notes
Title of the patch
gpg2-2.1.16-1.1 on GA media
Description of the patch
These are all security issues fixed in the gpg2-2.1.16-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10102
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "gpg2-2.1.16-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the gpg2-2.1.16-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10102",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10102-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-2547 page",
"url": "https://www.suse.com/security/cve/CVE-2010-2547/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-4351 page",
"url": "https://www.suse.com/security/cve/CVE-2013-4351/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-4402 page",
"url": "https://www.suse.com/security/cve/CVE-2013-4402/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-4617 page",
"url": "https://www.suse.com/security/cve/CVE-2014-4617/"
}
],
"title": "gpg2-2.1.16-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10102-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "gpg2-2.1.16-1.1.aarch64",
"product": {
"name": "gpg2-2.1.16-1.1.aarch64",
"product_id": "gpg2-2.1.16-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "gpg2-lang-2.1.16-1.1.aarch64",
"product": {
"name": "gpg2-lang-2.1.16-1.1.aarch64",
"product_id": "gpg2-lang-2.1.16-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gpg2-2.1.16-1.1.ppc64le",
"product": {
"name": "gpg2-2.1.16-1.1.ppc64le",
"product_id": "gpg2-2.1.16-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gpg2-lang-2.1.16-1.1.ppc64le",
"product": {
"name": "gpg2-lang-2.1.16-1.1.ppc64le",
"product_id": "gpg2-lang-2.1.16-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gpg2-2.1.16-1.1.s390x",
"product": {
"name": "gpg2-2.1.16-1.1.s390x",
"product_id": "gpg2-2.1.16-1.1.s390x"
}
},
{
"category": "product_version",
"name": "gpg2-lang-2.1.16-1.1.s390x",
"product": {
"name": "gpg2-lang-2.1.16-1.1.s390x",
"product_id": "gpg2-lang-2.1.16-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gpg2-2.1.16-1.1.x86_64",
"product": {
"name": "gpg2-2.1.16-1.1.x86_64",
"product_id": "gpg2-2.1.16-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "gpg2-lang-2.1.16-1.1.x86_64",
"product": {
"name": "gpg2-lang-2.1.16-1.1.x86_64",
"product_id": "gpg2-lang-2.1.16-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.1.16-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-2.1.16-1.1.aarch64"
},
"product_reference": "gpg2-2.1.16-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.1.16-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-2.1.16-1.1.ppc64le"
},
"product_reference": "gpg2-2.1.16-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.1.16-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-2.1.16-1.1.s390x"
},
"product_reference": "gpg2-2.1.16-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.1.16-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-2.1.16-1.1.x86_64"
},
"product_reference": "gpg2-2.1.16-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.1.16-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.aarch64"
},
"product_reference": "gpg2-lang-2.1.16-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.1.16-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.ppc64le"
},
"product_reference": "gpg2-lang-2.1.16-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.1.16-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.s390x"
},
"product_reference": "gpg2-lang-2.1.16-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.1.16-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.x86_64"
},
"product_reference": "gpg2-lang-2.1.16-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2010-2547",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-2547"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG 2.x through 2.0.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a certificate with a large number of Subject Alternate Names, which is not properly handled in a realloc operation when importing the certificate or verifying its signature.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-2547",
"url": "https://www.suse.com/security/cve/CVE-2010-2547"
},
{
"category": "external",
"summary": "SUSE Bug 625947 for CVE-2010-2547",
"url": "https://bugzilla.suse.com/625947"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2010-2547"
},
{
"cve": "CVE-2013-4351",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-4351"
}
],
"notes": [
{
"category": "general",
"text": "GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-4351",
"url": "https://www.suse.com/security/cve/CVE-2013-4351"
},
{
"category": "external",
"summary": "SUSE Bug 840510 for CVE-2013-4351",
"url": "https://bugzilla.suse.com/840510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2013-4351"
},
{
"cve": "CVE-2013-4402",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-4402"
}
],
"notes": [
{
"category": "general",
"text": "The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-4402",
"url": "https://www.suse.com/security/cve/CVE-2013-4402"
},
{
"category": "external",
"summary": "SUSE Bug 844175 for CVE-2013-4402",
"url": "https://bugzilla.suse.com/844175"
},
{
"category": "external",
"summary": "SUSE Bug 941439 for CVE-2013-4402",
"url": "https://bugzilla.suse.com/941439"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2013-4402"
},
{
"cve": "CVE-2014-4617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-4617"
}
],
"notes": [
{
"category": "general",
"text": "The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-4617",
"url": "https://www.suse.com/security/cve/CVE-2014-4617"
},
{
"category": "external",
"summary": "SUSE Bug 884130 for CVE-2014-4617",
"url": "https://bugzilla.suse.com/884130"
},
{
"category": "external",
"summary": "SUSE Bug 962098 for CVE-2014-4617",
"url": "https://bugzilla.suse.com/962098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-2.1.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-lang-2.1.16-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2014-4617"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…