FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gnupg -- possible infinite recursion in the compressed packet parser

Affected packages
gnupg < 1.4.15
2.0.0 <= gnupg < 2.0.22

Details

VuXML ID 749b5587-2da1-11e3-b1a9-b499baab0cbe
Discovery 2013-10-05
Entry 2013-10-05

Werner Koch reports:

Special crafted input data may be used to cause a denial of service against GPG (GnuPG's OpenPGP part) and some other OpenPGP implementations. All systems using GPG to process incoming data are affected..

[source]

References

CVE Name CVE-2013-4402

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.