USN-970-1 -- gnupg2 vulnerabilityID: oval:org.secpod.oval:def:700110 | Date: (C)2011-01-28 (M)2024-02-08 |
Class: PATCH | Family: unix |
It was discovered that GPGSM in GnuPG2 did not correctly handle certificates with a large number of Subject Alternate Names. If a user or automated system were tricked into processing a specially crafted certificate, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.
Platform: |
Ubuntu 8.04 |
Ubuntu 10.04 |
Ubuntu 9.04 |
Ubuntu 9.10 |