---------------------------------------------------------------------- Want a new job? http://secunia.com/secunia_vacancies/ Secunia is looking for new researchers with a reversing background and experience in writing exploit code: http://secunia.com/hardcore_disassembler_and_reverse_engineer/ http://secunia.com/Disassembling_og_Reversing/ ---------------------------------------------------------------------- TITLE: Mandriva update for gnupg and gpgme SECUNIA ADVISORY ID: SA24407 VERIFY ADVISORY: http://secunia.com/advisories/24407/ CRITICAL: Moderately critical IMPACT: Security Bypass WHERE: >From remote OPERATING SYSTEM: Mandriva Linux 2007 http://secunia.com/product/12165/ Mandriva Linux 2006 http://secunia.com/product/9020/ DESCRIPTION: Mandriva has issued an update for gnupg and gpgme. This fixes a vulnerability, which potentially can be exploited by malicious people to bypass certain security restrictions when applications use GnuPG in an insecure manner. For more information: SA24412 SOLUTION: Apply updated packages. Mandriva Linux 2006 ec697754fca080fa53c6c486cd91ba8c 2006.0/i586/gnupg-1.4.7-0.2.20060mdk.i586.rpm f30ab12655598264c10cee92ed76c951 2006.0/SRPMS/gnupg-1.4.7-0.2.20060mdk.src.rpm Mandriva Linux 2006/X86_64 845bfd1f359b7866e73ab2eb8b30b8fe 2006.0/x86_64/gnupg-1.4.7-0.2.20060mdk.x86_64.rpm f30ab12655598264c10cee92ed76c951 2006.0/SRPMS/gnupg-1.4.7-0.2.20060mdk.src.rpm Mandriva Linux 2007 c1b40e8866482c368aab5df228093ab3 2007.0/i586/gnupg-1.4.7-0.2mdv2007.0.i586.rpm 9dbf1a7a48aecb2ece048b47f4c7ade9 2007.0/i586/libgpgme11-1.1.2-2.1mdv2007.0.i586.rpm 3809f32ed3708606e6318fb7feed230d 2007.0/i586/libgpgme11-devel-1.1.2-2.1mdv2007.0.i586.rpm 62d991ccd15ca77ed37ccd4ca1bedba7 2007.0/SRPMS/gnupg-1.4.7-0.2mdv2007.0.src.rpm 31357e977acd83d777df2d77c22094f6 2007.0/SRPMS/gpgme-1.1.2-2.1mdv2007.0.src.rpm Mandriva Linux 2007/X86_64 d5339dd2bc4146dd18c2ab3b4eca028d 2007.0/x86_64/gnupg-1.4.7-0.2mdv2007.0.x86_64.rpm 608bd0a86d6f83927466f23e7d73fa8d 2007.0/x86_64/lib64gpgme11-1.1.2-2.1mdv2007.0.x86_64.rpm 915d2d203fa41ce12bc661d1a89d563b 2007.0/x86_64/lib64gpgme11-devel-1.1.2-2.1mdv2007.0.x86_64.rpm 62d991ccd15ca77ed37ccd4ca1bedba7 2007.0/SRPMS/gnupg-1.4.7-0.2mdv2007.0.src.rpm 31357e977acd83d777df2d77c22094f6 2007.0/SRPMS/gpgme-1.1.2-2.1mdv2007.0.src.rpm ORIGINAL ADVISORY: http://www.mandriva.com/security/advisories?name=MDKSA-2007:059 OTHER REFERENCES: SA24412: http://secunia.com/advisories/24412/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------