openSUSE Security Update : gpg2 (openSUSE-2015-886)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

The gpg2 package was updated to fix the following security and non
security issues :

- CVE-2015-1606: Fixed invalid memory read using a garbled
keyring (bsc#918089).

- CVE-2015-1607: Fixed memcpy with overlapping ranges
(bsc#918090).

- bsc#955753: Fixed a regression of 'gpg --recv' due to
keyserver import filter (also boo#952347).

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=918089
https://bugzilla.opensuse.org/show_bug.cgi?id=918090
https://bugzilla.opensuse.org/show_bug.cgi?id=952347
https://bugzilla.opensuse.org/show_bug.cgi?id=955753

Solution :

Update the affected gpg2 packages.

Risk factor :

Medium

Family: SuSE Local Security Checks

Nessus Plugin ID: 87392 ()

Bugtraq ID:

CVE ID: CVE-2015-1606
CVE-2015-1607

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now