Oval Definition:oval:org.opensuse.security:def:202234903
Revision Date:2023-06-22Version:1
Title:CVE-2022-34903
Description:

GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2022-34903
SUSE CVE-2022-34903
SUSE-CU-2022:1618-1
SUSE-CU-2022:1619-1
SUSE-CU-2022:1627-1
SUSE-CU-2022:1628-1
SUSE-CU-2022:1649-1
SUSE-CU-2022:1672-1
SUSE-CU-2022:1696-1
SUSE-CU-2022:1736-1
SUSE-SU-2022:2529-1
SUSE-SU-2022:2546-1
SUSE-CU-2022:1852-1
SUSE-IU-2022:1047-1
SUSE-IU-2022:1048-1
SUSE-IU-2022:1049-1
SUSE-IU-2022:1061-1
SUSE-IU-2022:1062-1
SUSE-IU-2022:1067-1
openSUSE-SU-2022:2546-1
SUSE-CU-2022:2082-1
SUSE-CU-2022:2083-1
SUSE-CU-2022:2084-1
SUSE-CU-2022:2086-1
SUSE-CU-2022:2087-1
SUSE-CU-2022:2088-1
SUSE-CU-2022:2089-1
SUSE-CU-2022:2090-1
SUSE-CU-2022:2091-1
SUSE-CU-2022:2092-1
SUSE-CU-2022:2093-1
SUSE-CU-2022:2094-1
SUSE-CU-2022:2095-1
SUSE-CU-2022:2097-1
SUSE-CU-2022:2098-1
SUSE-CU-2022:2123-1
SUSE-CU-2022:2149-1
SUSE-CU-2022:2209-1
SUSE-CU-2022:2561-1
SUSE-CU-2023:1261-1
SUSE-CU-2023:1262-1
SUSE-CU-2023:1280-1
SUSE-CU-2023:1282-1
SUSE-CU-2023:1283-1
SUSE-CU-2023:1284-1
SUSE-CU-2023:1338-1
SUSE-CU-2023:324-1
SUSE-SU-2022:3144-1
Platform(s):openSUSE Leap Micro 5.2
SUSE Linux Enterprise Desktop 15 SP4
SUSE Linux Enterprise Desktop 15 SP5
SUSE Linux Enterprise High Performance Computing 15 SP4
SUSE Linux Enterprise High Performance Computing 15 SP5
SUSE Linux Enterprise Micro 5.1
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Module for Basesystem 15 SP4
SUSE Linux Enterprise Module for Basesystem 15 SP5
SUSE Linux Enterprise Server 12 SP4-ESPOS
SUSE Linux Enterprise Server 12 SP4-LTSS
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server 15 SP4
SUSE Linux Enterprise Server 15 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP4
SUSE Linux Enterprise Server for SAP Applications 15 SP5
SUSE Manager Proxy 4.3
SUSE Manager Retail Branch Server 4.3
SUSE Manager Server 4.3
Product(s):
Definition Synopsis
  • openSUSE Leap Micro 5.2 is installed
  • AND Package Information
  • gpg2-2.2.27-150300.3.5.1 is installed
  • AND gpg2 is signed with openSUSE key
    • Definition Synopsis
  • SUSE Linux Enterprise Micro 5.1 is installed
  • AND gpg2-2.2.27-150300.3.5.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Micro 5.2 is installed
  • AND gpg2-2.2.27-150300.3.5.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP4 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP4 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP4 is installed
  • OR SUSE Linux Enterprise Server 15 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP4 is installed
  • OR SUSE Manager Proxy 4.3 is installed
  • OR SUSE Manager Retail Branch Server 4.3 is installed
  • OR SUSE Manager Server 4.3 is installed
  • AND Package Information
  • dirmngr-2.2.27-150300.3.5.1 is installed
  • OR gpg2-2.2.27-150300.3.5.1 is installed
  • OR gpg2-lang-2.2.27-150300.3.5.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
  • AND Package Information
  • gpg2 is affected
  • OR gpg2-lang is affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND Package Information
  • gpg2-2.0.24-9.11.1 is installed
  • OR gpg2-lang-2.0.24-9.11.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND
  • gpg2-2.0.24-9.11.1 is installed
  • OR gpg2-lang-2.0.24-9.11.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP4-LTSS is installed
  • AND
  • gpg2-2.0.24-9.11.1 is installed
  • OR gpg2-lang-2.0.24-9.11.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND
  • gpg2-2.0.24-9.11.1 is installed
  • OR gpg2-lang-2.0.24-9.11.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP5 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP5 is installed
  • OR SUSE Linux Enterprise Module for Basesystem 15 SP5 is installed
  • OR SUSE Linux Enterprise Server 15 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP5 is installed
  • AND Package Information
  • dirmngr-2.2.27-150300.3.5.1 is installed
  • OR gpg2-2.2.27-150300.3.5.1 is installed
  • OR gpg2-lang-2.2.27-150300.3.5.1 is installed
    • BACK