gnupg: CVE-2013-4351 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Ming Liu <ming.liu@windriver.com>	2014-03-26 16:32:12 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2014-03-27 09:42:05 +0000
commit	0abd9418b1bb15555457eafef1c8ac9670de39a0 (patch)
tree	6f5092e817052bb58743efe8e89dd56a6427712e /scripts
parent	f6548c56cbbcbcab7ad214f51b065487c62e2311 (diff)
download	poky-0abd9418b1bb15555457eafef1c8ac9670de39a0.tar.gz

gnupg: CVE-2013-4351

GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey. (From OE-Core rev: 259aebc9dbcaeb1587aaaab849942f55fa321724) Signed-off-by: Ming Liu <ming.liu@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'scripts')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: