Oval Definition:	oval:com.ubuntu.trusty:def:20144617000
Revision Date: 2014-06-25 Version: 1 Title: CVE-2014-4617 on Ubuntu 14.04 LTS (trusty) - medium. Description: The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence. Family: unix Class: vulnerability Status: Reference(s): CVE-2014-4617 Platform(s): Ubuntu 14.04 LTS Product(s): Definition Synopsis Ubuntu 14.04 LTS (trusty) is installed. AND Package Information The 'gnupg' package in trusty was vulnerable but has been fixed (note: '1.4.16-1ubuntu2.1'). OR The 'gnupg2' package in trusty was vulnerable but has been fixed (note: '2.0.22-3ubuntu1.1').
BACK