gnupg: CVE-2013-4351 - openembedded-core-contrib - OpenEmbedded Core user contribution trees

diff options

author	Ming Liu <ming.liu@windriver.com>	2014-03-26 16:32:12 +0800
committer	Andreas Oberritter <obi@opendreambox.org>	2015-02-23 17:15:28 +0100
commit	0abf69f65a9f66885f67c263e45060243d8ae04b (patch)
tree	c47ae795517dd7a4fc360010e4307cd2ed29c69d /meta/recipes-support/libevent
parent	d98c93e319d9b9016bd1dd2cb60a7c8de293fd98 (diff)
download	openembedded-core-contrib-0abf69f65a9f66885f67c263e45060243d8ae04b.tar.gz

gnupg: CVE-2013-4351

GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey. Signed-off-by: Ming Liu <ming.liu@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 259aebc9dbcaeb1587aaaab849942f55fa321724) Signed-off-by: Andreas Oberritter <obi@opendreambox.org>

Diffstat (limited to 'meta/recipes-support/libevent')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: