cvelistv5 - cve-2013-4402

cve-2013-4402

Vulnerability from cvelistv5

Published

2013-10-28 22:00

Modified

2024-08-06 16:45

Severity ?

Summary

The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.

References

URL	Tags
secalert@redhat.com	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725433
secalert@redhat.com	http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000333.html	Vendor Advisory
secalert@redhat.com	http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000334.html	Vendor Advisory
secalert@redhat.com	http://lists.opensuse.org/opensuse-updates/2013-10/msg00020.html
secalert@redhat.com	http://lists.opensuse.org/opensuse-updates/2013-10/msg00025.html
secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2013-1459.html
secalert@redhat.com	http://www.debian.org/security/2013/dsa-2773
secalert@redhat.com	http://www.debian.org/security/2013/dsa-2774
secalert@redhat.com	http://www.ubuntu.com/usn/USN-1987-1	Vendor Advisory
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=1015685
af854a3a-2127-422b-91ae-364da2661108	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725433
af854a3a-2127-422b-91ae-364da2661108	http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000333.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000334.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2013-10/msg00020.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2013-10/msg00025.html
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1459.html
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2013/dsa-2773
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2013/dsa-2774
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-1987-1	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1015685

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:45:14.601Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015685"
          },
          {
            "name": "openSUSE-SU-2013:1546",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00020.html"
          },
          {
            "name": "[Gnupg-announce] 20131005 [Announce] [security fix] GnuPG 1.4.15 released",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000334.html"
          },
          {
            "name": "USN-1987-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1987-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725433"
          },
          {
            "name": "[Gnupg-announce] 20131005 [Announce] [security fix] GnuPG 2.0.22 released",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000333.html"
          },
          {
            "name": "DSA-2773",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2013/dsa-2773"
          },
          {
            "name": "openSUSE-SU-2013:1552",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00025.html"
          },
          {
            "name": "RHSA-2013:1459",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1459.html"
          },
          {
            "name": "DSA-2774",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2013/dsa-2774"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-10-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-01-02T14:57:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015685"
        },
        {
          "name": "openSUSE-SU-2013:1546",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00020.html"
        },
        {
          "name": "[Gnupg-announce] 20131005 [Announce] [security fix] GnuPG 1.4.15 released",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000334.html"
        },
        {
          "name": "USN-1987-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1987-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725433"
        },
        {
          "name": "[Gnupg-announce] 20131005 [Announce] [security fix] GnuPG 2.0.22 released",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000333.html"
        },
        {
          "name": "DSA-2773",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2013/dsa-2773"
        },
        {
          "name": "openSUSE-SU-2013:1552",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00025.html"
        },
        {
          "name": "RHSA-2013:1459",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1459.html"
        },
        {
          "name": "DSA-2774",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2013/dsa-2774"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2013-4402",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1015685",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015685"
            },
            {
              "name": "openSUSE-SU-2013:1546",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00020.html"
            },
            {
              "name": "[Gnupg-announce] 20131005 [Announce] [security fix] GnuPG 1.4.15 released",
              "refsource": "MLIST",
              "url": "http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000334.html"
            },
            {
              "name": "USN-1987-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1987-1"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725433",
              "refsource": "CONFIRM",
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725433"
            },
            {
              "name": "[Gnupg-announce] 20131005 [Announce] [security fix] GnuPG 2.0.22 released",
              "refsource": "MLIST",
              "url": "http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000333.html"
            },
            {
              "name": "DSA-2773",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2013/dsa-2773"
            },
            {
              "name": "openSUSE-SU-2013:1552",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00025.html"
            },
            {
              "name": "RHSA-2013:1459",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1459.html"
            },
            {
              "name": "DSA-2774",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2013/dsa-2774"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2013-4402",
    "datePublished": "2013-10-28T22:00:00",
    "dateReserved": "2013-06-12T00:00:00",
    "dateUpdated": "2024-08-06T16:45:14.601Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-4402\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2013-10-28T22:55:03.913\",\"lastModified\":\"2024-11-21T01:55:29.860\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.\"},{\"lang\":\"es\",\"value\":\"El analizador de paquetes comprimido en GnuPG versiones 1.4.x anteriores a 1.4.15 y versiones 2.0.x anteriores a 2.0.22, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (recursi\u00f3n infinita) por medio de un mensaje OpenPGP dise\u00f1ado.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"28374619-966D-4F38-B83E-A6296F27CC05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22A28CDF-F2AF-4D49-9FB1-AED34A758289\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6399A22D-90DF-4CB5-9367-0C5242BD1A2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D63B0B4A-3998-4A4F-AD7A-BB8CEBE897B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDA6934A-3D02-4749-A147-BE538C0AF27F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC6150E3-1D7C-44DA-BA57-35AB26F881B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EB20A34-5E11-4D70-B3DE-66DD9863AE0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA47467D-3D96-46DB-B0AC-D28586829710\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"68B68F2F-0718-4C87-9629-4657DC49EECC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69D492F9-2064-488A-BD16-99DD865D2BF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:1.4.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4929286-63C2-45D0-B0C7-E14438D82883\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47C64072-FC9C-4CA9-9752-3BC08839E319\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C14D838-595F-4D1C-88B9-073937316923\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59D27E52-B850-4BC0-B81A-A031BC50514B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0035132-40B2-4C7E-B6E3-F70117F3FC3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B2D7B2D-CEBC-42BA-90E0-5C71BA39F5BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0626EEB2-39B3-4154-9F99-027057B33D1D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"752E350F-E1EB-47CE-95E7-F990F4453BF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F223B411-B9A6-49D4-A9BA-4FBF74B85A0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F9C4712-169A-4010-B143-98690803E5BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4E76177-9B90-40F2-AB9D-7C7249DEC497\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A384E132-188E-40AC-84C9-D46A589EE766\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27BE1F8C-EE11-4E9B-9745-037F3AC7CC63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F9F104E-7631-4ACE-8C4A-A86E8A8286E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:2.0.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E18FC24D-45ED-4E9D-A599-534D78CF60DD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*\",\"matchCriteriaId\":\"7118F616-25CA-4E34-AA13-4D14BB62419F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*\",\"matchCriteriaId\":\"F5D324C4-97C7-49D3-A809-9EAD4B690C69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2076871-2E80-4605-A470-A41C1A8EC7EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFAA48D9-BEB4-4E49-AD50-325C262D46D9\"}]}]}],\"references\":[{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725433\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000333.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000334.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-10/msg00020.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-10/msg00025.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1459.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2013/dsa-2773\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2013/dsa-2774\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-1987-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1015685\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725433\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000333.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000334.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-10/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2013-10/msg00025.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-1459.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2013/dsa-2773\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2013/dsa-2774\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-1987-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1015685\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

gsd-2013-4402

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.

Aliases

CVE-2013-4402

Aliases

CVE-2013-4402

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-4402",
    "description": "The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.",
    "id": "GSD-2013-4402",
    "references": [
      "https://www.suse.com/security/cve/CVE-2013-4402.html",
      "https://www.debian.org/security/2013/dsa-2773",
      "https://www.debian.org/security/2013/dsa-2774",
      "https://access.redhat.com/errata/RHSA-2013:1459",
      "https://access.redhat.com/errata/RHSA-2013:1458",
      "https://advisories.mageia.org/CVE-2013-4402.html",
      "https://alas.aws.amazon.com/cve/html/CVE-2013-4402.html",
      "https://linux.oracle.com/cve/CVE-2013-4402.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-4402"
      ],
      "details": "The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.",
      "id": "GSD-2013-4402",
      "modified": "2023-12-13T01:22:16.589267Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2013-4402",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1015685",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015685"
          },
          {
            "name": "openSUSE-SU-2013:1546",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00020.html"
          },
          {
            "name": "[Gnupg-announce] 20131005 [Announce] [security fix] GnuPG 1.4.15 released",
            "refsource": "MLIST",
            "url": "http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000334.html"
          },
          {
            "name": "USN-1987-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-1987-1"
          },
          {
            "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725433",
            "refsource": "CONFIRM",
            "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725433"
          },
          {
            "name": "[Gnupg-announce] 20131005 [Announce] [security fix] GnuPG 2.0.22 released",
            "refsource": "MLIST",
            "url": "http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000333.html"
          },
          {
            "name": "DSA-2773",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2013/dsa-2773"
          },
          {
            "name": "openSUSE-SU-2013:1552",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00025.html"
          },
          {
            "name": "RHSA-2013:1459",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1459.html"
          },
          {
            "name": "DSA-2774",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2013/dsa-2774"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnupg:gnupg:2.0.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:gnupg:gnupg:1.4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:10.04:-:lts:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2013-4402"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-1987-1",
              "refsource": "UBUNTU",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.ubuntu.com/usn/USN-1987-1"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1015685",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015685"
            },
            {
              "name": "[Gnupg-announce] 20131005 [Announce] [security fix] GnuPG 2.0.22 released",
              "refsource": "MLIST",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000333.html"
            },
            {
              "name": "[Gnupg-announce] 20131005 [Announce] [security fix] GnuPG 1.4.15 released",
              "refsource": "MLIST",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000334.html"
            },
            {
              "name": "openSUSE-SU-2013:1552",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00025.html"
            },
            {
              "name": "openSUSE-SU-2013:1546",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00020.html"
            },
            {
              "name": "DSA-2773",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2013/dsa-2773"
            },
            {
              "name": "DSA-2774",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2013/dsa-2774"
            },
            {
              "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725433",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725433"
            },
            {
              "name": "RHSA-2013:1459",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1459.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2014-01-04T04:48Z",
      "publishedDate": "2013-10-28T22:55Z"
    }
  }
}

rhsa-2013_1458

Vulnerability from csaf_redhat

Published

2013-10-24 15:16

Modified

2024-11-22 07:13

Summary

Red Hat Security Advisory: gnupg security update

Notes

Topic

An updated gnupg package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Details

The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with the proposed OpenPGP Internet standard and the S/MIME standard. It was found that GnuPG was vulnerable to the Yarom/Falkner flush+reload cache side-channel attack on the RSA secret exponent. An attacker able to execute a process on the logical CPU that shared the L3 cache with the GnuPG process (such as a different local user or a user of a KVM guest running on the same host with the kernel same-page merging functionality enabled) could possibly use this flaw to obtain portions of the RSA secret key. (CVE-2013-4242) A denial of service flaw was found in the way GnuPG parsed certain compressed OpenPGP packets. An attacker could use this flaw to send specially crafted input data to GnuPG, making GnuPG enter an infinite loop when parsing data. (CVE-2013-4402) It was found that importing a corrupted public key into a GnuPG keyring database corrupted that keyring. An attacker could use this flaw to trick a local user into importing a specially crafted public key into their keyring database, causing the keyring to be corrupted and preventing its further use. (CVE-2012-6085) It was found that GnuPG did not properly interpret the key flags in a PGP key packet. GPG could accept a key for uses not indicated by its holder. (CVE-2013-4351) Red Hat would like to thank Werner Koch for reporting the CVE-2013-4402 issue. Upstream acknowledges Taylor R Campbell as the original reporter. All gnupg users are advised to upgrade to this updated package, which contains backported patches to correct these issues.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An updated gnupg package that fixes multiple security issues is now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and\ncreating digital signatures, compliant with the proposed OpenPGP Internet\nstandard and the S/MIME standard.\n\nIt was found that GnuPG was vulnerable to the Yarom/Falkner flush+reload\ncache side-channel attack on the RSA secret exponent. An attacker able to\nexecute a process on the logical CPU that shared the L3 cache with the\nGnuPG process (such as a different local user or a user of a KVM guest\nrunning on the same host with the kernel same-page merging functionality\nenabled) could possibly use this flaw to obtain portions of the RSA secret\nkey. (CVE-2013-4242)\n\nA denial of service flaw was found in the way GnuPG parsed certain\ncompressed OpenPGP packets. An attacker could use this flaw to send\nspecially crafted input data to GnuPG, making GnuPG enter an infinite loop\nwhen parsing data. (CVE-2013-4402)\n\nIt was found that importing a corrupted public key into a GnuPG keyring\ndatabase corrupted that keyring. An attacker could use this flaw to trick a\nlocal user into importing a specially crafted public key into their keyring\ndatabase, causing the keyring to be corrupted and preventing its further\nuse. (CVE-2012-6085)\n\nIt was found that GnuPG did not properly interpret the key flags in a PGP\nkey packet. GPG could accept a key for uses not indicated by its holder.\n(CVE-2013-4351)\n\nRed Hat would like to thank Werner Koch for reporting the CVE-2013-4402\nissue. Upstream acknowledges Taylor R Campbell as the original reporter.\n\nAll gnupg users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2013:1458",
        "url": "https://access.redhat.com/errata/RHSA-2013:1458"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "891142",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=891142"
      },
      {
        "category": "external",
        "summary": "988589",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=988589"
      },
      {
        "category": "external",
        "summary": "1010137",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
      },
      {
        "category": "external",
        "summary": "1015685",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015685"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_1458.json"
      }
    ],
    "title": "Red Hat Security Advisory: gnupg security update",
    "tracking": {
      "current_release_date": "2024-11-22T07:13:28+00:00",
      "generator": {
        "date": "2024-11-22T07:13:28+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2013:1458",
      "initial_release_date": "2013-10-24T15:16:00+00:00",
      "revision_history": [
        {
          "date": "2013-10-24T15:16:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2013-10-24T15:22:57+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T07:13:28+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                  "product_id": "5Client-5.10.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux (v. 5 server)",
                "product": {
                  "name": "Red Hat Enterprise Linux (v. 5 server)",
                  "product_id": "5Server-5.10.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::server"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnupg-0:1.4.5-18.el5_10.s390x",
                "product": {
                  "name": "gnupg-0:1.4.5-18.el5_10.s390x",
                  "product_id": "gnupg-0:1.4.5-18.el5_10.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg@1.4.5-18.el5_10?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
                "product": {
                  "name": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
                  "product_id": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg-debuginfo@1.4.5-18.el5_10?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnupg-0:1.4.5-18.el5_10.src",
                "product": {
                  "name": "gnupg-0:1.4.5-18.el5_10.src",
                  "product_id": "gnupg-0:1.4.5-18.el5_10.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg@1.4.5-18.el5_10?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnupg-0:1.4.5-18.el5_10.x86_64",
                "product": {
                  "name": "gnupg-0:1.4.5-18.el5_10.x86_64",
                  "product_id": "gnupg-0:1.4.5-18.el5_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg@1.4.5-18.el5_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
                "product": {
                  "name": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
                  "product_id": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg-debuginfo@1.4.5-18.el5_10?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnupg-0:1.4.5-18.el5_10.ia64",
                "product": {
                  "name": "gnupg-0:1.4.5-18.el5_10.ia64",
                  "product_id": "gnupg-0:1.4.5-18.el5_10.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg@1.4.5-18.el5_10?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
                "product": {
                  "name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
                  "product_id": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg-debuginfo@1.4.5-18.el5_10?arch=ia64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ia64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnupg-0:1.4.5-18.el5_10.i386",
                "product": {
                  "name": "gnupg-0:1.4.5-18.el5_10.i386",
                  "product_id": "gnupg-0:1.4.5-18.el5_10.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg@1.4.5-18.el5_10?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
                "product": {
                  "name": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
                  "product_id": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg-debuginfo@1.4.5-18.el5_10?arch=i386"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnupg-0:1.4.5-18.el5_10.ppc",
                "product": {
                  "name": "gnupg-0:1.4.5-18.el5_10.ppc",
                  "product_id": "gnupg-0:1.4.5-18.el5_10.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg@1.4.5-18.el5_10?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
                "product": {
                  "name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
                  "product_id": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg-debuginfo@1.4.5-18.el5_10?arch=ppc"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg-0:1.4.5-18.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386"
        },
        "product_reference": "gnupg-0:1.4.5-18.el5_10.i386",
        "relates_to_product_reference": "5Client-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg-0:1.4.5-18.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64"
        },
        "product_reference": "gnupg-0:1.4.5-18.el5_10.ia64",
        "relates_to_product_reference": "5Client-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg-0:1.4.5-18.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc"
        },
        "product_reference": "gnupg-0:1.4.5-18.el5_10.ppc",
        "relates_to_product_reference": "5Client-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg-0:1.4.5-18.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x"
        },
        "product_reference": "gnupg-0:1.4.5-18.el5_10.s390x",
        "relates_to_product_reference": "5Client-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg-0:1.4.5-18.el5_10.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src"
        },
        "product_reference": "gnupg-0:1.4.5-18.el5_10.src",
        "relates_to_product_reference": "5Client-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg-0:1.4.5-18.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64"
        },
        "product_reference": "gnupg-0:1.4.5-18.el5_10.x86_64",
        "relates_to_product_reference": "5Client-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386"
        },
        "product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
        "relates_to_product_reference": "5Client-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64"
        },
        "product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
        "relates_to_product_reference": "5Client-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc"
        },
        "product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
        "relates_to_product_reference": "5Client-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x"
        },
        "product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
        "relates_to_product_reference": "5Client-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
        },
        "product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
        "relates_to_product_reference": "5Client-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg-0:1.4.5-18.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386"
        },
        "product_reference": "gnupg-0:1.4.5-18.el5_10.i386",
        "relates_to_product_reference": "5Server-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg-0:1.4.5-18.el5_10.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64"
        },
        "product_reference": "gnupg-0:1.4.5-18.el5_10.ia64",
        "relates_to_product_reference": "5Server-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg-0:1.4.5-18.el5_10.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc"
        },
        "product_reference": "gnupg-0:1.4.5-18.el5_10.ppc",
        "relates_to_product_reference": "5Server-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg-0:1.4.5-18.el5_10.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x"
        },
        "product_reference": "gnupg-0:1.4.5-18.el5_10.s390x",
        "relates_to_product_reference": "5Server-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg-0:1.4.5-18.el5_10.src as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src"
        },
        "product_reference": "gnupg-0:1.4.5-18.el5_10.src",
        "relates_to_product_reference": "5Server-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg-0:1.4.5-18.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64"
        },
        "product_reference": "gnupg-0:1.4.5-18.el5_10.x86_64",
        "relates_to_product_reference": "5Server-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386"
        },
        "product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
        "relates_to_product_reference": "5Server-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64"
        },
        "product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
        "relates_to_product_reference": "5Server-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc"
        },
        "product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
        "relates_to_product_reference": "5Server-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x"
        },
        "product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
        "relates_to_product_reference": "5Server-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
        },
        "product_reference": "gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
        "relates_to_product_reference": "5Server-5.10.Z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2012-6085",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2012-12-29T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "891142"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The read_block function in g10/import.c in GnuPG 1.4.x before 1.4.13 and 2.0.x through 2.0.19, when importing a key, allows remote attackers to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length field of an OpenPGP packet.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "GnuPG: read_block() corrupt key input validation",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
          "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
          "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
          "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
          "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
          "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
          "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
          "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
          "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
          "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
          "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
          "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
          "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
          "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
          "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
          "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
          "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
          "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
          "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
          "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
          "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
          "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2012-6085"
        },
        {
          "category": "external",
          "summary": "RHBZ#891142",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=891142"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2012-6085",
          "url": "https://www.cve.org/CVERecord?id=CVE-2012-6085"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-6085",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6085"
        }
      ],
      "release_date": "2012-12-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2013-10-24T15:16:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
          "product_ids": [
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2013:1458"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "products": [
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "GnuPG: read_block() corrupt key input validation"
    },
    {
      "cve": "CVE-2013-4242",
      "discovery_date": "2013-07-25T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "988589"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "GnuPG susceptible to Yarom/Falkner flush+reload cache side-channel attack",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the version of gnupg as shipped with Red Hat Enterprise Linux 5. This issue affects the version of libgcrypt as shipped with Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this issue as having moderate security impact, a future update may address this flaw. More technical details on this flaw are available at https://bugzilla.redhat.com/show_bug.cgi?id=988589#c12",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
          "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
          "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
          "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
          "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
          "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
          "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
          "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
          "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
          "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
          "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
          "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
          "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
          "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
          "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
          "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
          "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
          "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
          "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
          "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
          "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
          "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2013-4242"
        },
        {
          "category": "external",
          "summary": "RHBZ#988589",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=988589"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2013-4242",
          "url": "https://www.cve.org/CVERecord?id=CVE-2013-4242"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4242",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4242"
        },
        {
          "category": "external",
          "summary": "http://eprint.iacr.org/2013/448",
          "url": "http://eprint.iacr.org/2013/448"
        }
      ],
      "release_date": "2013-07-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2013-10-24T15:16:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
          "product_ids": [
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2013:1458"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 1.9,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "products": [
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "GnuPG susceptible to Yarom/Falkner flush+reload cache side-channel attack"
    },
    {
      "cve": "CVE-2013-4351",
      "discovery_date": "2013-09-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1010137"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "gnupg: treats no-usage-permitted keys as all-usages-permitted",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
          "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
          "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
          "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
          "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
          "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
          "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
          "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
          "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
          "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
          "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
          "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
          "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
          "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
          "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
          "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
          "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
          "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
          "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
          "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
          "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
          "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2013-4351"
        },
        {
          "category": "external",
          "summary": "RHBZ#1010137",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2013-4351",
          "url": "https://www.cve.org/CVERecord?id=CVE-2013-4351"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4351",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4351"
        }
      ],
      "release_date": "2013-03-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2013-10-24T15:16:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
          "product_ids": [
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2013:1458"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 2.6,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "gnupg: treats no-usage-permitted keys as all-usages-permitted"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Werner Koch"
          ]
        },
        {
          "names": [
            "Taylor R Campbell"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2013-4402",
      "discovery_date": "2013-10-04T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1015685"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "GnuPG: infinite recursion in the compressed packet parser DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
          "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
          "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
          "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
          "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
          "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
          "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
          "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
          "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
          "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
          "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
          "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
          "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
          "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
          "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
          "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
          "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
          "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
          "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
          "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
          "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
          "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2013-4402"
        },
        {
          "category": "external",
          "summary": "RHBZ#1015685",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015685"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2013-4402",
          "url": "https://www.cve.org/CVERecord?id=CVE-2013-4402"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4402",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4402"
        }
      ],
      "release_date": "2013-10-05T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2013-10-24T15:16:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
          "product_ids": [
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2013:1458"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "products": [
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
            "5Client-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
            "5Client-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.i386",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ia64",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.ppc",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.s390x",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.src",
            "5Server-5.10.Z:gnupg-0:1.4.5-18.el5_10.x86_64",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.i386",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ia64",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.ppc",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.s390x",
            "5Server-5.10.Z:gnupg-debuginfo-0:1.4.5-18.el5_10.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "GnuPG: infinite recursion in the compressed packet parser DoS"
    }
  ]
}

rhsa-2013_1459

Vulnerability from csaf_redhat

Published

2013-10-24 15:21

Modified

2024-11-22 07:13

Summary

Red Hat Security Advisory: gnupg2 security update

Notes

Topic

An updated gnupg2 package that fixes three security issues is now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Details

The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with the proposed OpenPGP Internet standard and the S/MIME standard. A denial of service flaw was found in the way GnuPG parsed certain compressed OpenPGP packets. An attacker could use this flaw to send specially crafted input data to GnuPG, making GnuPG enter an infinite loop when parsing data. (CVE-2013-4402) It was found that importing a corrupted public key into a GnuPG keyring database corrupted that keyring. An attacker could use this flaw to trick a local user into importing a specially crafted public key into their keyring database, causing the keyring to be corrupted and preventing its further use. (CVE-2012-6085) It was found that GnuPG did not properly interpret the key flags in a PGP key packet. GPG could accept a key for uses not indicated by its holder. (CVE-2013-4351) Red Hat would like to thank Werner Koch for reporting the CVE-2013-4402 issue. Upstream acknowledges Taylor R Campbell as the original reporter. All gnupg2 users are advised to upgrade to this updated package, which contains backported patches to correct these issues.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An updated gnupg2 package that fixes three security issues is now available\nfor Red Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and\ncreating digital signatures, compliant with the proposed OpenPGP Internet\nstandard and the S/MIME standard.\n\nA denial of service flaw was found in the way GnuPG parsed certain\ncompressed OpenPGP packets. An attacker could use this flaw to send\nspecially crafted input data to GnuPG, making GnuPG enter an infinite loop\nwhen parsing data. (CVE-2013-4402)\n\nIt was found that importing a corrupted public key into a GnuPG keyring\ndatabase corrupted that keyring. An attacker could use this flaw to trick a\nlocal user into importing a specially crafted public key into their keyring\ndatabase, causing the keyring to be corrupted and preventing its further\nuse. (CVE-2012-6085)\n\nIt was found that GnuPG did not properly interpret the key flags in a PGP\nkey packet. GPG could accept a key for uses not indicated by its holder.\n(CVE-2013-4351)\n\nRed Hat would like to thank Werner Koch for reporting the CVE-2013-4402\nissue. Upstream acknowledges Taylor R Campbell as the original reporter.\n\nAll gnupg2 users are advised to upgrade to this updated package, which\ncontains backported patches to correct these issues.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2013:1459",
        "url": "https://access.redhat.com/errata/RHSA-2013:1459"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "891142",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=891142"
      },
      {
        "category": "external",
        "summary": "1010137",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
      },
      {
        "category": "external",
        "summary": "1015685",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015685"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_1459.json"
      }
    ],
    "title": "Red Hat Security Advisory: gnupg2 security update",
    "tracking": {
      "current_release_date": "2024-11-22T07:13:31+00:00",
      "generator": {
        "date": "2024-11-22T07:13:31+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHSA-2013:1459",
      "initial_release_date": "2013-10-24T15:21:00+00:00",
      "revision_history": [
        {
          "date": "2013-10-24T15:21:00+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2013-10-24T15:22:46+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T07:13:31+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
                  "product_id": "5Client-5.10.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux (v. 5 server)",
                "product": {
                  "name": "Red Hat Enterprise Linux (v. 5 server)",
                  "product_id": "5Server-5.10.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:5::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop (v. 6)",
                  "product_id": "6Client-6.4.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
                  "product_id": "6Client-optional-6.4.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux HPC Node (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux HPC Node (v. 6)",
                  "product_id": "6ComputeNode-6.4.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
                  "product_id": "6ComputeNode-optional-6.4.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server (v. 6)",
                  "product_id": "6Server-6.4.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server Optional (v. 6)",
                  "product_id": "6Server-optional-6.4.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                  "product_id": "6Workstation-6.4.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
                  "product_id": "6Workstation-optional-6.4.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnupg2-0:2.0.10-6.el5_10.src",
                "product": {
                  "name": "gnupg2-0:2.0.10-6.el5_10.src",
                  "product_id": "gnupg2-0:2.0.10-6.el5_10.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg2@2.0.10-6.el5_10?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnupg2-0:2.0.14-6.el6_4.src",
                "product": {
                  "name": "gnupg2-0:2.0.14-6.el6_4.src",
                  "product_id": "gnupg2-0:2.0.14-6.el6_4.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg2@2.0.14-6.el6_4?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnupg2-0:2.0.10-6.el5_10.i386",
                "product": {
                  "name": "gnupg2-0:2.0.10-6.el5_10.i386",
                  "product_id": "gnupg2-0:2.0.10-6.el5_10.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg2@2.0.10-6.el5_10?arch=i386"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
                "product": {
                  "name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
                  "product_id": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.10-6.el5_10?arch=i386"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i386"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnupg2-0:2.0.10-6.el5_10.x86_64",
                "product": {
                  "name": "gnupg2-0:2.0.10-6.el5_10.x86_64",
                  "product_id": "gnupg2-0:2.0.10-6.el5_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg2@2.0.10-6.el5_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
                "product": {
                  "name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
                  "product_id": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.10-6.el5_10?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
                "product": {
                  "name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
                  "product_id": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg2-smime@2.0.14-6.el6_4?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
                "product": {
                  "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
                  "product_id": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.14-6.el6_4?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnupg2-0:2.0.14-6.el6_4.x86_64",
                "product": {
                  "name": "gnupg2-0:2.0.14-6.el6_4.x86_64",
                  "product_id": "gnupg2-0:2.0.14-6.el6_4.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg2@2.0.14-6.el6_4?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnupg2-0:2.0.10-6.el5_10.ia64",
                "product": {
                  "name": "gnupg2-0:2.0.10-6.el5_10.ia64",
                  "product_id": "gnupg2-0:2.0.10-6.el5_10.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg2@2.0.10-6.el5_10?arch=ia64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
                "product": {
                  "name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
                  "product_id": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.10-6.el5_10?arch=ia64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ia64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnupg2-0:2.0.10-6.el5_10.s390x",
                "product": {
                  "name": "gnupg2-0:2.0.10-6.el5_10.s390x",
                  "product_id": "gnupg2-0:2.0.10-6.el5_10.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg2@2.0.10-6.el5_10?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
                "product": {
                  "name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
                  "product_id": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.10-6.el5_10?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
                "product": {
                  "name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
                  "product_id": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg2-smime@2.0.14-6.el6_4?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
                "product": {
                  "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
                  "product_id": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.14-6.el6_4?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnupg2-0:2.0.14-6.el6_4.s390x",
                "product": {
                  "name": "gnupg2-0:2.0.14-6.el6_4.s390x",
                  "product_id": "gnupg2-0:2.0.14-6.el6_4.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg2@2.0.14-6.el6_4?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnupg2-0:2.0.10-6.el5_10.ppc",
                "product": {
                  "name": "gnupg2-0:2.0.10-6.el5_10.ppc",
                  "product_id": "gnupg2-0:2.0.10-6.el5_10.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg2@2.0.10-6.el5_10?arch=ppc"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
                "product": {
                  "name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
                  "product_id": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.10-6.el5_10?arch=ppc"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
                "product": {
                  "name": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
                  "product_id": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg2-smime@2.0.14-6.el6_4?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
                "product": {
                  "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
                  "product_id": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.14-6.el6_4?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnupg2-0:2.0.14-6.el6_4.i686",
                "product": {
                  "name": "gnupg2-0:2.0.14-6.el6_4.i686",
                  "product_id": "gnupg2-0:2.0.14-6.el6_4.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg2@2.0.14-6.el6_4?arch=i686"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
                "product": {
                  "name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
                  "product_id": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg2-smime@2.0.14-6.el6_4?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
                "product": {
                  "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
                  "product_id": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.14-6.el6_4?arch=ppc64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "gnupg2-0:2.0.14-6.el6_4.ppc64",
                "product": {
                  "name": "gnupg2-0:2.0.14-6.el6_4.ppc64",
                  "product_id": "gnupg2-0:2.0.14-6.el6_4.ppc64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/gnupg2@2.0.14-6.el6_4?arch=ppc64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.10-6.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386"
        },
        "product_reference": "gnupg2-0:2.0.10-6.el5_10.i386",
        "relates_to_product_reference": "5Client-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.10-6.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64"
        },
        "product_reference": "gnupg2-0:2.0.10-6.el5_10.ia64",
        "relates_to_product_reference": "5Client-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.10-6.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc"
        },
        "product_reference": "gnupg2-0:2.0.10-6.el5_10.ppc",
        "relates_to_product_reference": "5Client-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.10-6.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x"
        },
        "product_reference": "gnupg2-0:2.0.10-6.el5_10.s390x",
        "relates_to_product_reference": "5Client-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.10-6.el5_10.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src"
        },
        "product_reference": "gnupg2-0:2.0.10-6.el5_10.src",
        "relates_to_product_reference": "5Client-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.10-6.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64"
        },
        "product_reference": "gnupg2-0:2.0.10-6.el5_10.x86_64",
        "relates_to_product_reference": "5Client-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
        "relates_to_product_reference": "5Client-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
        "relates_to_product_reference": "5Client-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
        "relates_to_product_reference": "5Client-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
        "relates_to_product_reference": "5Client-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
          "product_id": "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
        "relates_to_product_reference": "5Client-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.10-6.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386"
        },
        "product_reference": "gnupg2-0:2.0.10-6.el5_10.i386",
        "relates_to_product_reference": "5Server-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.10-6.el5_10.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64"
        },
        "product_reference": "gnupg2-0:2.0.10-6.el5_10.ia64",
        "relates_to_product_reference": "5Server-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.10-6.el5_10.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc"
        },
        "product_reference": "gnupg2-0:2.0.10-6.el5_10.ppc",
        "relates_to_product_reference": "5Server-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.10-6.el5_10.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x"
        },
        "product_reference": "gnupg2-0:2.0.10-6.el5_10.s390x",
        "relates_to_product_reference": "5Server-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.10-6.el5_10.src as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src"
        },
        "product_reference": "gnupg2-0:2.0.10-6.el5_10.src",
        "relates_to_product_reference": "5Server-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.10-6.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64"
        },
        "product_reference": "gnupg2-0:2.0.10-6.el5_10.x86_64",
        "relates_to_product_reference": "5Server-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
        "relates_to_product_reference": "5Server-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
        "relates_to_product_reference": "5Server-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
        "relates_to_product_reference": "5Server-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
        "relates_to_product_reference": "5Server-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
          "product_id": "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
        "relates_to_product_reference": "5Server-5.10.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
        "relates_to_product_reference": "6Client-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
        "relates_to_product_reference": "6Client-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
        "relates_to_product_reference": "6Client-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
        "relates_to_product_reference": "6Client-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
        "relates_to_product_reference": "6Client-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
        "relates_to_product_reference": "6Client-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
        "relates_to_product_reference": "6Client-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
        "relates_to_product_reference": "6Client-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
        "relates_to_product_reference": "6Client-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
        "relates_to_product_reference": "6Client-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
        "relates_to_product_reference": "6Client-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
        "relates_to_product_reference": "6Client-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
          "product_id": "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
        "relates_to_product_reference": "6Client-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
        "relates_to_product_reference": "6Client-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
        "relates_to_product_reference": "6Client-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
        "relates_to_product_reference": "6Client-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
        "relates_to_product_reference": "6Client-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
        "relates_to_product_reference": "6Client-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
        "relates_to_product_reference": "6Client-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
        "relates_to_product_reference": "6Client-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
        "relates_to_product_reference": "6Client-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
        "relates_to_product_reference": "6Client-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
        "relates_to_product_reference": "6Client-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
        "relates_to_product_reference": "6Client-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
        "relates_to_product_reference": "6Client-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
        "relates_to_product_reference": "6Client-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
        "relates_to_product_reference": "6ComputeNode-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
        "relates_to_product_reference": "6ComputeNode-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
        "relates_to_product_reference": "6ComputeNode-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
        "relates_to_product_reference": "6ComputeNode-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
        "relates_to_product_reference": "6ComputeNode-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
        "relates_to_product_reference": "6ComputeNode-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
        "relates_to_product_reference": "6ComputeNode-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
        "relates_to_product_reference": "6ComputeNode-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
        "relates_to_product_reference": "6ComputeNode-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
        "relates_to_product_reference": "6ComputeNode-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
        "relates_to_product_reference": "6ComputeNode-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
        "relates_to_product_reference": "6ComputeNode-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
          "product_id": "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
        "relates_to_product_reference": "6ComputeNode-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
        "relates_to_product_reference": "6ComputeNode-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
        "relates_to_product_reference": "6ComputeNode-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
        "relates_to_product_reference": "6ComputeNode-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
        "relates_to_product_reference": "6ComputeNode-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
        "relates_to_product_reference": "6ComputeNode-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
        "relates_to_product_reference": "6ComputeNode-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
        "relates_to_product_reference": "6ComputeNode-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
        "relates_to_product_reference": "6ComputeNode-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
        "relates_to_product_reference": "6ComputeNode-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
        "relates_to_product_reference": "6ComputeNode-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
        "relates_to_product_reference": "6ComputeNode-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
        "relates_to_product_reference": "6ComputeNode-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
        "relates_to_product_reference": "6ComputeNode-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
        "relates_to_product_reference": "6Server-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
        "relates_to_product_reference": "6Server-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
        "relates_to_product_reference": "6Server-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
        "relates_to_product_reference": "6Server-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
        "relates_to_product_reference": "6Server-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
        "relates_to_product_reference": "6Server-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
        "relates_to_product_reference": "6Server-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
        "relates_to_product_reference": "6Server-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
        "relates_to_product_reference": "6Server-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
        "relates_to_product_reference": "6Server-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
        "relates_to_product_reference": "6Server-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
        "relates_to_product_reference": "6Server-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
        "relates_to_product_reference": "6Server-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
        "relates_to_product_reference": "6Server-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
        "relates_to_product_reference": "6Server-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
        "relates_to_product_reference": "6Server-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
        "relates_to_product_reference": "6Server-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
        "relates_to_product_reference": "6Server-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
        "relates_to_product_reference": "6Server-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
        "relates_to_product_reference": "6Server-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
        "relates_to_product_reference": "6Server-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
        "relates_to_product_reference": "6Server-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
        "relates_to_product_reference": "6Server-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
        "relates_to_product_reference": "6Server-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
        "relates_to_product_reference": "6Server-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
        "relates_to_product_reference": "6Server-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
        "relates_to_product_reference": "6Workstation-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
        "relates_to_product_reference": "6Workstation-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
        "relates_to_product_reference": "6Workstation-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
        "relates_to_product_reference": "6Workstation-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
        "relates_to_product_reference": "6Workstation-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
        "relates_to_product_reference": "6Workstation-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
        "relates_to_product_reference": "6Workstation-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
        "relates_to_product_reference": "6Workstation-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
        "relates_to_product_reference": "6Workstation-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
        "relates_to_product_reference": "6Workstation-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
        "relates_to_product_reference": "6Workstation-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
        "relates_to_product_reference": "6Workstation-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
        "relates_to_product_reference": "6Workstation-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.i686",
        "relates_to_product_reference": "6Workstation-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.ppc64",
        "relates_to_product_reference": "6Workstation-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.s390x",
        "relates_to_product_reference": "6Workstation-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.src",
        "relates_to_product_reference": "6Workstation-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64"
        },
        "product_reference": "gnupg2-0:2.0.14-6.el6_4.x86_64",
        "relates_to_product_reference": "6Workstation-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
        "relates_to_product_reference": "6Workstation-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
        "relates_to_product_reference": "6Workstation-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
        "relates_to_product_reference": "6Workstation-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64"
        },
        "product_reference": "gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
        "relates_to_product_reference": "6Workstation-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.i686",
        "relates_to_product_reference": "6Workstation-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
        "relates_to_product_reference": "6Workstation-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.s390x",
        "relates_to_product_reference": "6Workstation-optional-6.4.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
        },
        "product_reference": "gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
        "relates_to_product_reference": "6Workstation-optional-6.4.z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2012-6085",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2012-12-29T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "891142"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The read_block function in g10/import.c in GnuPG 1.4.x before 1.4.13 and 2.0.x through 2.0.19, when importing a key, allows remote attackers to corrupt the public keyring database or cause a denial of service (application crash) via a crafted length field of an OpenPGP packet.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "GnuPG: read_block() corrupt key input validation",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
          "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
          "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
          "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
          "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
          "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
          "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
          "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
          "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
          "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
          "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
          "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
          "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
          "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
          "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
          "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
          "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
          "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
          "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
          "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
          "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
          "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
          "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
          "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
          "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
          "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
          "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
          "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
          "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
          "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
          "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
          "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
          "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
          "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
          "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
          "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
          "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
          "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
          "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
          "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
          "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
          "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
          "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
          "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
          "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
          "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
          "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
          "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
          "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
          "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
          "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
          "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
          "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
          "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
          "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
          "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
          "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
          "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
          "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
          "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
          "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
          "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
          "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
          "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
          "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
          "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
          "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
          "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
          "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
          "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
          "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
          "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
          "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
          "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
          "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
          "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
          "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
          "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
          "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
          "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
          "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
          "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
          "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
          "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
          "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
          "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
          "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
          "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
          "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
          "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
          "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
          "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
          "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
          "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
          "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
          "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
          "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
          "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
          "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
          "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
          "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
          "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
          "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
          "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
          "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
          "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
          "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
          "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
          "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
          "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
          "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
          "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
          "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
          "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
          "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
          "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
          "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
          "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
          "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
          "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
          "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
          "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
          "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
          "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
          "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
          "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2012-6085"
        },
        {
          "category": "external",
          "summary": "RHBZ#891142",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=891142"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2012-6085",
          "url": "https://www.cve.org/CVERecord?id=CVE-2012-6085"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2012-6085",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6085"
        }
      ],
      "release_date": "2012-12-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2013-10-24T15:21:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
          "product_ids": [
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2013:1459"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "products": [
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "GnuPG: read_block() corrupt key input validation"
    },
    {
      "cve": "CVE-2013-4351",
      "discovery_date": "2013-09-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1010137"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "gnupg: treats no-usage-permitted keys as all-usages-permitted",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
          "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
          "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
          "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
          "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
          "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
          "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
          "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
          "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
          "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
          "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
          "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
          "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
          "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
          "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
          "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
          "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
          "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
          "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
          "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
          "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
          "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
          "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
          "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
          "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
          "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
          "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
          "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
          "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
          "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
          "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
          "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
          "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
          "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
          "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
          "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
          "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
          "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
          "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
          "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
          "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
          "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
          "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
          "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
          "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
          "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
          "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
          "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
          "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
          "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
          "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
          "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
          "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
          "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
          "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
          "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
          "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
          "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
          "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
          "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
          "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
          "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
          "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
          "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
          "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
          "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
          "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
          "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
          "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
          "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
          "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
          "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
          "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
          "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
          "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
          "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
          "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
          "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
          "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
          "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
          "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
          "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
          "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
          "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
          "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
          "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
          "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
          "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
          "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
          "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
          "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
          "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
          "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
          "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
          "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
          "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
          "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
          "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
          "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
          "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
          "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
          "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
          "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
          "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
          "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
          "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
          "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
          "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
          "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
          "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
          "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
          "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
          "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
          "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
          "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
          "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
          "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
          "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
          "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
          "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
          "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
          "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
          "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
          "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
          "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
          "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2013-4351"
        },
        {
          "category": "external",
          "summary": "RHBZ#1010137",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1010137"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2013-4351",
          "url": "https://www.cve.org/CVERecord?id=CVE-2013-4351"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4351",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4351"
        }
      ],
      "release_date": "2013-03-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2013-10-24T15:21:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
          "product_ids": [
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2013:1459"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "HIGH",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 2.6,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "products": [
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "gnupg: treats no-usage-permitted keys as all-usages-permitted"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Werner Koch"
          ]
        },
        {
          "names": [
            "Taylor R Campbell"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2013-4402",
      "discovery_date": "2013-10-04T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1015685"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "GnuPG: infinite recursion in the compressed packet parser DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
          "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
          "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
          "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
          "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
          "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
          "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
          "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
          "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
          "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
          "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
          "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
          "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
          "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
          "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
          "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
          "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
          "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
          "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
          "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
          "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
          "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
          "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
          "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
          "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
          "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
          "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
          "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
          "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
          "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
          "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
          "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
          "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
          "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
          "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
          "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
          "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
          "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
          "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
          "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
          "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
          "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
          "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
          "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
          "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
          "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
          "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
          "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
          "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
          "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
          "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
          "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
          "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
          "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
          "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
          "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
          "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
          "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
          "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
          "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
          "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
          "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
          "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
          "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
          "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
          "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
          "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
          "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
          "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
          "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
          "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
          "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
          "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
          "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
          "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
          "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
          "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
          "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
          "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
          "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
          "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
          "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
          "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
          "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
          "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
          "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
          "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
          "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
          "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
          "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
          "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
          "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
          "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
          "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
          "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
          "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
          "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
          "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
          "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
          "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
          "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
          "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
          "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
          "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
          "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
          "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
          "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
          "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
          "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
          "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
          "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
          "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
          "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
          "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
          "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
          "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
          "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
          "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
          "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
          "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
          "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
          "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
          "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
          "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
          "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
          "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2013-4402"
        },
        {
          "category": "external",
          "summary": "RHBZ#1015685",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015685"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2013-4402",
          "url": "https://www.cve.org/CVERecord?id=CVE-2013-4402"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4402",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4402"
        }
      ],
      "release_date": "2013-10-05T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2013-10-24T15:21:00+00:00",
          "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
          "product_ids": [
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2013:1459"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "products": [
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
            "5Client-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
            "5Client-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.i386",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ia64",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.ppc",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.s390x",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.src",
            "5Server-5.10.Z:gnupg2-0:2.0.10-6.el5_10.x86_64",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.i386",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ia64",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.ppc",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.s390x",
            "5Server-5.10.Z:gnupg2-debuginfo-0:2.0.10-6.el5_10.x86_64",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Client-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Client-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Client-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Client-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Client-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Client-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6ComputeNode-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6ComputeNode-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6ComputeNode-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Server-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Server-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Server-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Server-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Server-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Server-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Workstation-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Workstation-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Workstation-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.i686",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.s390x",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.src",
            "6Workstation-optional-6.4.z:gnupg2-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.i686",
            "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.s390x",
            "6Workstation-optional-6.4.z:gnupg2-debuginfo-0:2.0.14-6.el6_4.x86_64",
            "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.i686",
            "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.ppc64",
            "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.s390x",
            "6Workstation-optional-6.4.z:gnupg2-smime-0:2.0.14-6.el6_4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "GnuPG: infinite recursion in the compressed packet parser DoS"
    }
  ]
}

ghsa-fhrq-6wcr-78q4

Vulnerability from github

Published

2022-05-17 04:55

Modified

2022-05-17 04:55

Details

The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-4402"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-10-28T22:55:00Z",
    "severity": "MODERATE"
  },
  "details": "The compressed packet parser in GnuPG 1.4.x before 1.4.15 and 2.0.x before 2.0.22 allows remote attackers to cause a denial of service (infinite recursion) via a crafted OpenPGP message.",
  "id": "GHSA-fhrq-6wcr-78q4",
  "modified": "2022-05-17T04:55:08Z",
  "published": "2022-05-17T04:55:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4402"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1015685"
    },
    {
      "type": "WEB",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725433"
    },
    {
      "type": "WEB",
      "url": "http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000333.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.gnupg.org/pipermail/gnupg-announce/2013q4/000334.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00020.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00025.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1459.html"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2013/dsa-2773"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2013/dsa-2774"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-1987-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2013-4402

Vulnerability from cvelistv5

gsd-2013-4402

Vulnerability from gsd

rhsa-2013_1458

Vulnerability from csaf_redhat

rhsa-2013_1459

Vulnerability from csaf_redhat

ghsa-fhrq-6wcr-78q4

Vulnerability from github

Tags

Sightings

Nomenclature