| Errata ID | 436 |
|---|---|
| Date | 2016-06-22 |
| Source package | gnupg2 |
| Fixed in version | 2.0.14-2.51.201606131324 |
| Description | This update addresses the following issues: * Denial of service through malformed packets (CVE-2014-4617) * Infinite recursion in the compressed packet (CVE-2013-4402) * GnuPG treats no-usage-permitted keys as all-usages-permitted, which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey (CVE-2013-4351) |
| Additional notes | |
| CVE ID | CVE-2014-4617 CVE-2013-4402 CVE-2013-4351 |
| UCS Bug number | #35191 |
