CVE

Id
71914  
CVE No.
CVE-2014-4617  
Status
Candidate  
Description
The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.  
Phase
Assigned (20140624)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
682393 71914 CVE-2014-4617 MLIST:[gnupg-announce] 20140623 [security fix] GnuPG 1.4.17 released  View
682394 71914 CVE-2014-4617 URL:http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000344.html  View
682395 71914 CVE-2014-4617 MLIST:[gnupg-announce] 20140624 [security fix] GnuPG 2.0.24 released  View
682396 71914 CVE-2014-4617 URL:http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000345.html  View
682397 71914 CVE-2014-4617 CONFIRM:http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=014b2103fcb12f261135e3954f26e9e07b39e342  View
682398 71914 CVE-2014-4617 CONFIRM:http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=11fdfcf82bd8d2b5bc38292a29876e10770f4b0a  View
682399 71914 CVE-2014-4617 CONFIRM:http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html  View
682400 71914 CVE-2014-4617 DEBIAN:DSA-2968  View
682401 71914 CVE-2014-4617 URL:http://www.debian.org/security/2014/dsa-2968  View
682402 71914 CVE-2014-4617 SUSE:openSUSE-SU-2014:0866  View
682403 71914 CVE-2014-4617 URL:http://lists.opensuse.org/opensuse-updates/2014-07/msg00010.html  View
682404 71914 CVE-2014-4617 SECUNIA:59213  View
682405 71914 CVE-2014-4617 URL:http://secunia.com/advisories/59213  View
682406 71914 CVE-2014-4617 SECUNIA:59534  View
682407 71914 CVE-2014-4617 URL:http://secunia.com/advisories/59534  View
682408 71914 CVE-2014-4617 SECUNIA:59578  View
682409 71914 CVE-2014-4617 URL:http://secunia.com/advisories/59578  View
682410 71914 CVE-2014-4617 SECUNIA:59351  View

Related JVN