Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2013-4351
Vulnerability from cvelistv5
Published
2013-10-10 00:00
Modified
2024-08-06 16:38
Severity ?
EPSS score ?
Summary
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:01.888Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://thread.gmane.org/gmane.comp.encryption.gpg.devel/17712/focus=18138"
},
{
"name": "openSUSE-SU-2013:1532",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00006.html"
},
{
"name": "USN-1987-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://ubuntu.com/usn/usn-1987-1"
},
{
"name": "DSA-2773",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2773"
},
{
"name": "[oss-security] 20130913 Re: GnuPG treats no-usage-permitted keys as all-usages-permitted",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2013/09/13/4"
},
{
"name": "RHSA-2013:1459",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1459.html"
},
{
"name": "openSUSE-SU-2013:1526",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00003.html"
},
{
"name": "DSA-2774",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2774"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-01-02T14:57:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://thread.gmane.org/gmane.comp.encryption.gpg.devel/17712/focus=18138"
},
{
"name": "openSUSE-SU-2013:1532",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00006.html"
},
{
"name": "USN-1987-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://ubuntu.com/usn/usn-1987-1"
},
{
"name": "DSA-2773",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2773"
},
{
"name": "[oss-security] 20130913 Re: GnuPG treats no-usage-permitted keys as all-usages-permitted",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2013/09/13/4"
},
{
"name": "RHSA-2013:1459",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1459.html"
},
{
"name": "openSUSE-SU-2013:1526",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00003.html"
},
{
"name": "DSA-2774",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2774"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4351",
"datePublished": "2013-10-10T00:00:00",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:38:01.888Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2013-4351\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2013-10-10T00:55:15.023\",\"lastModified\":\"2024-11-21T01:55:24.340\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.\"},{\"lang\":\"es\",\"value\":\"GnuPG 1.4.x, y 2.1.x trata un subpaquete de flags clave con todos los bits a 0 (sin uso permitido) como si tuviera todos los bits establecidos (todo uso permitido) lo que permitir\u00eda a atacantes remotos evadir mecanismos de protecci\u00f3n criptogr\u00e1fica intencionada mediante el aprovechamiento de la subclave.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:N\",\"baseScore\":5.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-310\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28374619-966D-4F38-B83E-A6296F27CC05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22A28CDF-F2AF-4D49-9FB1-AED34A758289\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6399A22D-90DF-4CB5-9367-0C5242BD1A2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D63B0B4A-3998-4A4F-AD7A-BB8CEBE897B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDA6934A-3D02-4749-A147-BE538C0AF27F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B238CA5-3B4D-4D6A-92CA-39A7CD57AF40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC6150E3-1D7C-44DA-BA57-35AB26F881B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EB20A34-5E11-4D70-B3DE-66DD9863AE0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA47467D-3D96-46DB-B0AC-D28586829710\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68B68F2F-0718-4C87-9629-4657DC49EECC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69D492F9-2064-488A-BD16-99DD865D2BF6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47C64072-FC9C-4CA9-9752-3BC08839E319\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C14D838-595F-4D1C-88B9-073937316923\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CBF8F2C7-574C-4768-ABAA-E3D9236299CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"113D566B-B596-4612-9D11-E238602A603E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CFC52C5-1148-4AC6-AAA2-8343E0C2029E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E07E370B-4D2E-4EEC-A3EB-47AA9283278D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E3C52E7-454B-4FE9-9068-87ACB2925A5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90B62D8E-3A37-4D7A-B674-06FFD80B86FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59D27E52-B850-4BC0-B81A-A031BC50514B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0035132-40B2-4C7E-B6E3-F70117F3FC3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B2D7B2D-CEBC-42BA-90E0-5C71BA39F5BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0626EEB2-39B3-4154-9F99-027057B33D1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"752E350F-E1EB-47CE-95E7-F990F4453BF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F223B411-B9A6-49D4-A9BA-4FBF74B85A0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F9C4712-169A-4010-B143-98690803E5BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4E76177-9B90-40F2-AB9D-7C7249DEC497\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A384E132-188E-40AC-84C9-D46A589EE766\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27BE1F8C-EE11-4E9B-9745-037F3AC7CC63\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.1.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"10427264-78E1-4FB1-A8EF-BDB0C9822DB5\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-10/msg00003.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-10/msg00006.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1459.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://thread.gmane.org/gmane.comp.encryption.gpg.devel/17712/focus=18138\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://ubuntu.com/usn/usn-1987-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2013/dsa-2773\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2013/dsa-2774\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2013/09/13/4\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1010137\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-10/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-10/msg00006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1459.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://thread.gmane.org/gmane.comp.encryption.gpg.devel/17712/focus=18138\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://ubuntu.com/usn/usn-1987-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2013/dsa-2773\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2013/dsa-2774\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2013/09/13/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1010137\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
gsd-2013-4351
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2013-4351",
"description": "GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.",
"id": "GSD-2013-4351",
"references": [
"https://www.suse.com/security/cve/CVE-2013-4351.html",
"https://www.debian.org/security/2013/dsa-2773",
"https://www.debian.org/security/2013/dsa-2774",
"https://access.redhat.com/errata/RHSA-2013:1459",
"https://access.redhat.com/errata/RHSA-2013:1458",
"https://advisories.mageia.org/CVE-2013-4351.html",
"https://alas.aws.amazon.com/cve/html/CVE-2013-4351.html",
"https://linux.oracle.com/cve/CVE-2013-4351.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2013-4351"
],
"details": "GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.",
"id": "GSD-2013-4351",
"modified": "2023-12-13T01:22:15.935159Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4351",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://rhn.redhat.com/errata/RHSA-2013-1459.html",
"refsource": "MISC",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1459.html"
},
{
"name": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00003.html",
"refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00003.html"
},
{
"name": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00006.html",
"refsource": "MISC",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00006.html"
},
{
"name": "http://thread.gmane.org/gmane.comp.encryption.gpg.devel/17712/focus=18138",
"refsource": "MISC",
"url": "http://thread.gmane.org/gmane.comp.encryption.gpg.devel/17712/focus=18138"
},
{
"name": "http://ubuntu.com/usn/usn-1987-1",
"refsource": "MISC",
"url": "http://ubuntu.com/usn/usn-1987-1"
},
{
"name": "http://www.debian.org/security/2013/dsa-2773",
"refsource": "MISC",
"url": "http://www.debian.org/security/2013/dsa-2773"
},
{
"name": "http://www.debian.org/security/2013/dsa-2774",
"refsource": "MISC",
"url": "http://www.debian.org/security/2013/dsa-2774"
},
{
"name": "http://www.openwall.com/lists/oss-security/2013/09/13/4",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2013/09/13/4"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.1.0:beta1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4351"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137",
"refsource": "CONFIRM",
"tags": [],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
},
{
"name": "http://thread.gmane.org/gmane.comp.encryption.gpg.devel/17712/focus=18138",
"refsource": "CONFIRM",
"tags": [],
"url": "http://thread.gmane.org/gmane.comp.encryption.gpg.devel/17712/focus=18138"
},
{
"name": "USN-1987-1",
"refsource": "UBUNTU",
"tags": [],
"url": "http://ubuntu.com/usn/usn-1987-1"
},
{
"name": "[oss-security] 20130913 Re: GnuPG treats no-usage-permitted keys as all-usages-permitted",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2013/09/13/4"
},
{
"name": "openSUSE-SU-2013:1532",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00006.html"
},
{
"name": "openSUSE-SU-2013:1526",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00003.html"
},
{
"name": "DSA-2773",
"refsource": "DEBIAN",
"tags": [],
"url": "http://www.debian.org/security/2013/dsa-2773"
},
{
"name": "DSA-2774",
"refsource": "DEBIAN",
"tags": [],
"url": "http://www.debian.org/security/2013/dsa-2774"
},
{
"name": "RHSA-2013:1459",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1459.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2014-01-04T04:48Z",
"publishedDate": "2013-10-10T00:55Z"
}
}
}
rhsa-2013_1458
Vulnerability from csaf_redhat
Published
2013-10-24 15:16
Modified
2024-11-22 07:13
Summary
Red Hat Security Advisory: gnupg security update
Notes
Topic
An updated gnupg package that fixes multiple security issues is now
available for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and
creating digital signatures, compliant with the proposed OpenPGP Internet
standard and the S/MIME standard.
It was found that GnuPG was vulnerable to the Yarom/Falkner flush+reload
cache side-channel attack on the RSA secret exponent. An attacker able to
execute a process on the logical CPU that shared the L3 cache with the
GnuPG process (such as a different local user or a user of a KVM guest
running on the same host with the kernel same-page merging functionality
enabled) could possibly use this flaw to obtain portions of the RSA secret
key. (CVE-2013-4242)
A denial of service flaw was found in the way GnuPG parsed certain
compressed OpenPGP packets. An attacker could use this flaw to send
specially crafted input data to GnuPG, making GnuPG enter an infinite loop
when parsing data. (CVE-2013-4402)
It was found that importing a corrupted public key into a GnuPG keyring
database corrupted that keyring. An attacker could use this flaw to trick a
local user into importing a specially crafted public key into their keyring
database, causing the keyring to be corrupted and preventing its further
use. (CVE-2012-6085)
It was found that GnuPG did not properly interpret the key flags in a PGP
key packet. GPG could accept a key for uses not indicated by its holder.
(CVE-2013-4351)
Red Hat would like to thank Werner Koch for reporting the CVE-2013-4402
issue. Upstream acknowledges Taylor R Campbell as the original reporter.
All gnupg users are advised to upgrade to this updated package, which
contains backported patches to correct these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated gnupg package that fixes multiple security issues is now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and\ncreating digital signatures, compliant with the proposed OpenPGP Internet\nstandard and the S/MIME standard.\n\nIt was found that GnuPG was vulnerable to the Yarom/Falkner flush+reload\ncache side-channel attack on the RSA secret exponent. An attacker able to\nexecute a process on the logical CPU that shared the L3 cache with the\nGnuPG process (such as a different local user or a user of a KVM guest\nrunning on the same host with the kernel same-page merging functionality\nenabled) could possibly use this flaw to obtain portions of the RSA secret\nkey. (CVE-2013-4242)\n\nA denial of service flaw was found in the way GnuPG parsed certain\ncompressed OpenPGP packets. An attacker could use this flaw to send\nspecially crafted input data to GnuPG, making GnuPG enter an infinite loop\nwhen parsing data. (CVE-2013-4402)\n\nIt was found that importing a corrupted public key into a GnuPG keyring\ndatabase corrupted that keyring. An attacker could use this flaw to trick a\nlocal user into importing a specially crafted public key into their keyring\ndatabase, causing the keyring to be corrupted and preventing its further\nuse. (CVE-2012-6085)\n\nIt was found that GnuPG did not properly interpret the key flags in a PGP\nkey packet. GPG could accept a key for uses not indicated by its holder.\n(CVE-2013-4351)\n\nRed Hat would like to thank Werner Koch for reporting the CVE-2013-4402\nissue. Upstream acknowledges Taylor R Campbell as the original reporter.\n\nAll gnupg users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2013:1458",
"url": "https://access.redhat.com/errata/RHSA-2013:1458"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "891142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=891142"
},
{
"category": "external",
"summary": "988589",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=988589"
},
{
"category": "external",
"summary": "1010137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
},
{
"category": "external",
"summary": "1015685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015685"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_1458.json"
}
],
"title": "Red Hat Security Advisory: gnupg security update",
"tracking": {
"current_release_date": "2024-11-22T07:13:28+00:00",
"generator": {
"date": "2024-11-22T07:13:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2013:1458",
"initial_release_date": "2013-10-24T15:16:00+00:00",
"revision_history": [
{
"date": "2013-10-24T15:16:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2013-10-24T15:22:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T07:13:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg-0:1.4.5-18.el5_10.s390x",
"product": {
"name": "gnupg-0:1.4.5-18.el5_10.s390x",
"product_id": "gnupg-0:1.4.5-18.el5_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg@1.4.5-18.el5_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"product": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"product_id": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg-debuginfo@1.4.5-18.el5_10?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg-0:1.4.5-18.el5_10.src",
"product": {
"name": "gnupg-0:1.4.5-18.el5_10.src",
"product_id": "gnupg-0:1.4.5-18.el5_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg@1.4.5-18.el5_10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg-0:1.4.5-18.el5_10.x86_64",
"product": {
"name": "gnupg-0:1.4.5-18.el5_10.x86_64",
"product_id": "gnupg-0:1.4.5-18.el5_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg@1.4.5-18.el5_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"product": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"product_id": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg-debuginfo@1.4.5-18.el5_10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg-0:1.4.5-18.el5_10.ia64",
"product": {
"name": "gnupg-0:1.4.5-18.el5_10.ia64",
"product_id": "gnupg-0:1.4.5-18.el5_10.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg@1.4.5-18.el5_10?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"product": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"product_id": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg-debuginfo@1.4.5-18.el5_10?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg-0:1.4.5-18.el5_10.i386",
"product": {
"name": "gnupg-0:1.4.5-18.el5_10.i386",
"product_id": "gnupg-0:1.4.5-18.el5_10.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg@1.4.5-18.el5_10?arch=i386"
}
}
},
{
"category": "product_version",
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"product": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"product_id": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg-debuginfo@1.4.5-18.el5_10?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg-0:1.4.5-18.el5_10.ppc",
"product": {
"name": "gnupg-0:1.4.5-18.el5_10.ppc",
"product_id": "gnupg-0:1.4.5-18.el5_10.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg@1.4.5-18.el5_10?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"product": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"product_id": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg-debuginfo@1.4.5-18.el5_10?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.i386",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.ia64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.ppc",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.s390x",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.src",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.x86_64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.i386",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.ia64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.ppc",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.s390x",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.src",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-0:1.4.5-18.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64"
},
"product_reference": "gnupg-0:1.4.5-18.el5_10.x86_64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
},
"product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"relates_to_product_reference": "5Server-5.10.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2012-6085",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2012-12-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "891142"
}
],
"notes": [
{
"category": "description",
"text": "The read_block function in g10/import.c in GnuPG 1.4.x before 1.4.13 and 2.0.x through 2.0.19, when importing a key, allows remote attackers to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length field of an OpenPGP packet.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: read_block() corrupt key input validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-6085"
},
{
"category": "external",
"summary": "RHBZ#891142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=891142"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-6085",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6085"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-6085",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6085"
}
],
"release_date": "2012-12-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-10-24T15:16:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1458"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "GnuPG: read_block() corrupt key input validation"
},
{
"cve": "CVE-2013-4242",
"discovery_date": "2013-07-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "988589"
}
],
"notes": [
{
"category": "description",
"text": "GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG susceptible to Yarom/Falkner flush+reload cache side-channel attack",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the version of gnupg as shipped with Red Hat Enterprise Linux 5. This issue affects the version of libgcrypt as shipped with Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this issue as having moderate security impact, a future update may address this flaw. More technical details on this flaw are available at https://bugzilla.redhat.com/show_bug.cgi?id=988589#c12",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-4242"
},
{
"category": "external",
"summary": "RHBZ#988589",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=988589"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-4242",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4242"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4242",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4242"
},
{
"category": "external",
"summary": "http://eprint.iacr.org/2013/448",
"url": "http://eprint.iacr.org/2013/448"
}
],
"release_date": "2013-07-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-10-24T15:16:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1458"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "GnuPG susceptible to Yarom/Falkner flush+reload cache side-channel attack"
},
{
"cve": "CVE-2013-4351",
"discovery_date": "2013-09-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1010137"
}
],
"notes": [
{
"category": "description",
"text": "GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnupg: treats no-usage-permitted keys as all-usages-permitted",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-4351"
},
{
"category": "external",
"summary": "RHBZ#1010137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-4351",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4351"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4351",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4351"
}
],
"release_date": "2013-03-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-10-24T15:16:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1458"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "gnupg: treats no-usage-permitted keys as all-usages-permitted"
},
{
"acknowledgments": [
{
"names": [
"Werner Koch"
]
},
{
"names": [
"Taylor R Campbell"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2013-4402",
"discovery_date": "2013-10-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1015685"
}
],
"notes": [
{
"category": "description",
"text": "The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: infinite recursion in the compressed packet parser DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-4402"
},
{
"category": "external",
"summary": "RHBZ#1015685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-4402",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4402"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4402",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4402"
}
],
"release_date": "2013-10-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-10-24T15:16:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1458"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
"5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
"5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "GnuPG: infinite recursion in the compressed packet parser DoS"
}
]
}
rhsa-2013_1459
Vulnerability from csaf_redhat
Published
2013-10-24 15:21
Modified
2024-11-22 07:13
Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An updated gnupg2 package that fixes three security issues is now available
for Red Hat Enterprise Linux 5 and 6.
The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and
creating digital signatures, compliant with the proposed OpenPGP Internet
standard and the S/MIME standard.
A denial of service flaw was found in the way GnuPG parsed certain
compressed OpenPGP packets. An attacker could use this flaw to send
specially crafted input data to GnuPG, making GnuPG enter an infinite loop
when parsing data. (CVE-2013-4402)
It was found that importing a corrupted public key into a GnuPG keyring
database corrupted that keyring. An attacker could use this flaw to trick a
local user into importing a specially crafted public key into their keyring
database, causing the keyring to be corrupted and preventing its further
use. (CVE-2012-6085)
It was found that GnuPG did not properly interpret the key flags in a PGP
key packet. GPG could accept a key for uses not indicated by its holder.
(CVE-2013-4351)
Red Hat would like to thank Werner Koch for reporting the CVE-2013-4402
issue. Upstream acknowledges Taylor R Campbell as the original reporter.
All gnupg2 users are advised to upgrade to this updated package, which
contains backported patches to correct these issues.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated gnupg2 package that fixes three security issues is now available\nfor Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and\ncreating digital signatures, compliant with the proposed OpenPGP Internet\nstandard and the S/MIME standard.\n\nA denial of service flaw was found in the way GnuPG parsed certain\ncompressed OpenPGP packets. An attacker could use this flaw to send\nspecially crafted input data to GnuPG, making GnuPG enter an infinite loop\nwhen parsing data. (CVE-2013-4402)\n\nIt was found that importing a corrupted public key into a GnuPG keyring\ndatabase corrupted that keyring. An attacker could use this flaw to trick a\nlocal user into importing a specially crafted public key into their keyring\ndatabase, causing the keyring to be corrupted and preventing its further\nuse. (CVE-2012-6085)\n\nIt was found that GnuPG did not properly interpret the key flags in a PGP\nkey packet. GPG could accept a key for uses not indicated by its holder.\n(CVE-2013-4351)\n\nRed Hat would like to thank Werner Koch for reporting the CVE-2013-4402\nissue. Upstream acknowledges Taylor R Campbell as the original reporter.\n\nAll gnupg2 users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2013:1459",
"url": "https://access.redhat.com/errata/RHSA-2013:1459"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "891142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=891142"
},
{
"category": "external",
"summary": "1010137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
},
{
"category": "external",
"summary": "1015685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015685"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_1459.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2024-11-22T07:13:31+00:00",
"generator": {
"date": "2024-11-22T07:13:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2013:1459",
"initial_release_date": "2013-10-24T15:21:00+00:00",
"revision_history": [
{
"date": "2013-10-24T15:21:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2013-10-24T15:22:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T07:13:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.10-6.el5_10.src",
"product": {
"name": "gnupg2-0:2.0.10-6.el5_10.src",
"product_id": "gnupg2-0:2.0.10-6.el5_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.10-6.el5_10?arch=src"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.0.14-6.el6_4.src",
"product": {
"name": "gnupg2-0:2.0.14-6.el6_4.src",
"product_id": "gnupg2-0:2.0.14-6.el6_4.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.14-6.el6_4?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.10-6.el5_10.i386",
"product": {
"name": "gnupg2-0:2.0.10-6.el5_10.i386",
"product_id": "gnupg2-0:2.0.10-6.el5_10.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.10-6.el5_10?arch=i386"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"product": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"product_id": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.10-6.el5_10?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.10-6.el5_10.x86_64",
"product": {
"name": "gnupg2-0:2.0.10-6.el5_10.x86_64",
"product_id": "gnupg2-0:2.0.10-6.el5_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.10-6.el5_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"product_id": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.10-6.el5_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"product": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"product_id": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.0.14-6.el6_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"product_id": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.14-6.el6_4?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"product": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"product_id": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.14-6.el6_4?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.10-6.el5_10.ia64",
"product": {
"name": "gnupg2-0:2.0.10-6.el5_10.ia64",
"product_id": "gnupg2-0:2.0.10-6.el5_10.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.10-6.el5_10?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"product": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"product_id": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.10-6.el5_10?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.10-6.el5_10.s390x",
"product": {
"name": "gnupg2-0:2.0.10-6.el5_10.s390x",
"product_id": "gnupg2-0:2.0.10-6.el5_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.10-6.el5_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"product": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"product_id": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.10-6.el5_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"product": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"product_id": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.0.14-6.el6_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"product": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"product_id": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.14-6.el6_4?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.0.14-6.el6_4.s390x",
"product": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x",
"product_id": "gnupg2-0:2.0.14-6.el6_4.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.14-6.el6_4?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.10-6.el5_10.ppc",
"product": {
"name": "gnupg2-0:2.0.10-6.el5_10.ppc",
"product_id": "gnupg2-0:2.0.10-6.el5_10.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.10-6.el5_10?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"product": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"product_id": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.10-6.el5_10?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"product": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"product_id": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.0.14-6.el6_4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"product": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"product_id": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.14-6.el6_4?arch=i686"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.0.14-6.el6_4.i686",
"product": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686",
"product_id": "gnupg2-0:2.0.14-6.el6_4.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.14-6.el6_4?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"product": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"product_id": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.0.14-6.el6_4?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"product": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"product_id": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.14-6.el6_4?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"product": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"product_id": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.14-6.el6_4?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.i386",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.ia64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.ppc",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.s390x",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.src",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.x86_64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"relates_to_product_reference": "5Client-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.i386",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.ia64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.ppc",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.s390x",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.src",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.10-6.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64"
},
"product_reference": "gnupg2-0:2.0.10-6.el5_10.x86_64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"relates_to_product_reference": "5Server-5.10.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Client-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Client-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6ComputeNode-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Server-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Workstation-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.4.z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2012-6085",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2012-12-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "891142"
}
],
"notes": [
{
"category": "description",
"text": "The read_block function in g10/import.c in GnuPG 1.4.x before 1.4.13 and 2.0.x through 2.0.19, when importing a key, allows remote attackers to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length field of an OpenPGP packet.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: read_block() corrupt key input validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2012-6085"
},
{
"category": "external",
"summary": "RHBZ#891142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=891142"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2012-6085",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6085"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-6085",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6085"
}
],
"release_date": "2012-12-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-10-24T15:21:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1459"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "GnuPG: read_block() corrupt key input validation"
},
{
"cve": "CVE-2013-4351",
"discovery_date": "2013-09-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1010137"
}
],
"notes": [
{
"category": "description",
"text": "GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gnupg: treats no-usage-permitted keys as all-usages-permitted",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-4351"
},
{
"category": "external",
"summary": "RHBZ#1010137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-4351",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4351"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4351",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4351"
}
],
"release_date": "2013-03-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-10-24T15:21:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1459"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "gnupg: treats no-usage-permitted keys as all-usages-permitted"
},
{
"acknowledgments": [
{
"names": [
"Werner Koch"
]
},
{
"names": [
"Taylor R Campbell"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2013-4402",
"discovery_date": "2013-10-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1015685"
}
],
"notes": [
{
"category": "description",
"text": "The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: infinite recursion in the compressed packet parser DoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-4402"
},
{
"category": "external",
"summary": "RHBZ#1015685",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015685"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-4402",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4402"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4402",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4402"
}
],
"release_date": "2013-10-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-10-24T15:21:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1459"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
"5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
"5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
"6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
"6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "GnuPG: infinite recursion in the compressed packet parser DoS"
}
]
}
ghsa-c6gv-ggmm-8j39
Vulnerability from github
Published
2022-05-17 04:55
Modified
2022-05-17 04:55
Details
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.
{
"affected": [],
"aliases": [
"CVE-2013-4351"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2013-10-10T00:55:00Z",
"severity": "MODERATE"
},
"details": "GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.",
"id": "GHSA-c6gv-ggmm-8j39",
"modified": "2022-05-17T04:55:13Z",
"published": "2022-05-17T04:55:13Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4351"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00003.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00006.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1459.html"
},
{
"type": "WEB",
"url": "http://thread.gmane.org/gmane.comp.encryption.gpg.devel/17712/focus=18138"
},
{
"type": "WEB",
"url": "http://ubuntu.com/usn/usn-1987-1"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2013/dsa-2773"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2013/dsa-2774"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2013/09/13/4"
}
],
"schema_version": "1.4.0",
"severity": []
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.