Bug 11416 - gnupg/gnupg2: infinite recursion in compressed packet parser (CVE-2013-4402)
Summary: gnupg/gnupg2: infinite recursion in compressed packet parser (CVE-2013-4402)
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 3
Hardware: i586 Linux
Priority: Normal
Severity: normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL: http://lwn.net/Vulnerabilities/570018/
Whiteboard: MGA2TOO has_procedure mga2-32-ok mga2...
Keywords: validated_update
Depends on: 11306
Reported: 2013-10-09 15:57 CEST by David Walser
Modified: 2014-05-08 18:05 CEST (History)

See Also:
Source RPM: gnupg
Status comment:


Description David Walser 2013-10-09 15:57:32 CEST
Upstream has released gnupg 1.4.15 and gnupg2 2.0.22 to fix a new security issue:


Steps to Reproduce:
David Walser 2013-10-09 15:57:42 CEST

Whiteboard: (none) => MGA3TOO, MGA2TOO

Comment 1 Oden Eriksson 2013-10-09 17:46:48 CEST
Fixed with gnupg2-2.0.18-1.4.mga2 and gnupg2-2.0.19-3.2.mga3. Fixed in cauldron with gnupg2-2.0.22-1.mga4.

CC: (none) => oe

Comment 2 Oden Eriksson 2013-10-09 17:47:51 CEST
Fixed with gnupg-1.4.12-1.3.mga2, gnupg-1.4.14-1.1.mga3 and gnupg-1.4.15-1.mga4.

David Walser 2013-10-09 17:56:26 CEST

Depends on: (none) => 11306

Comment 3 David Walser 2013-10-09 17:59:02 CEST
Thanks Oden!

We'll use this bug for the gnupg update and Bug 11306 for gnupg2 for QA.


Updated gnupg package fixes security vulnerability:

Special crafted input data may be used to cause a denial of service against
GPG. GPG can be forced to recursively parse certain parts of OpenPGP messages
ad infinitum (CVE-2013-4402).


Updated packages in core/updates_testing:

from SRPMS:

CC: (none) => boklm
Assignee: boklm => qa-bugs
Whiteboard: MGA3TOO, MGA2TOO => MGA2TOO
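
The advisory text above describes a parser that can be driven into unbounded recursion on nested parts of an OpenPGP message. As an added illustration (not code from this bug report or from GnuPG), the Python below walks old-format OpenPGP packets, descends into ZIP-compressed packets, and refuses to nest beyond a fixed depth instead of recursing without limit; the cap of 32, the packet builders and the sample input are assumptions constructed for this example.

```python
import zlib

MAX_NESTING_DEPTH = 32   # assumed cap for this example, not GnuPG's own constant
TAG_COMPRESSED, TAG_LITERAL = 8, 11

class NestingTooDeep(Exception):
    """Raised instead of recursing further into nested compressed packets."""

def parse_header(buf, pos):
    """Old-format OpenPGP header at buf[pos]; returns (tag, body_start, body_end)."""
    ctb = buf[pos]
    if not (ctb & 0x80) or (ctb & 0x40):
        raise ValueError("only old-format packet headers are handled here")
    tag, ltype = (ctb >> 2) & 0x0F, ctb & 0x03
    if ltype == 3:                      # indeterminate length: body runs to end of input
        return tag, pos + 1, len(buf)
    nbytes = {0: 1, 1: 2, 2: 4}[ltype]
    length = int.from_bytes(buf[pos + 1:pos + 1 + nbytes], "big")
    start = pos + 1 + nbytes
    return tag, start, start + length

def walk(buf, depth=0):
    """Return the packet tags seen in order, descending into compressed packets with a depth cap."""
    tags, pos = [], 0
    while pos < len(buf):
        tag, start, end = parse_header(buf, pos)
        tags.append(tag)
        if tag == TAG_COMPRESSED:
            if depth >= MAX_NESTING_DEPTH:
                raise NestingTooDeep(f"more than {MAX_NESTING_DEPTH} nested compressed packets")
            if buf[start] != 1:         # compression algorithm 1 = ZIP (raw DEFLATE)
                raise ValueError("only ZIP-compressed packets are handled here")
            inner = zlib.decompress(bytes(buf[start + 1:end]), -15)
            tags.extend(walk(inner, depth + 1))
        pos = end
    return tags

# --- constructed sample input (not a real message) -----------------------
def packet(tag, body):
    """Old-format header with a four-octet body length (length type 2)."""
    return bytes([0x80 | (tag << 2) | 2]) + len(body).to_bytes(4, "big") + body

def literal_packet(data=b"hello"):
    """Literal data packet: binary format, empty filename, zero date, then the data."""
    return packet(TAG_LITERAL, b"b\x00" + bytes(4) + data)

def nest(inner, levels):
    """Wrap `inner` in `levels` ZIP compressed-data packets."""
    for _ in range(levels):
        co = zlib.compressobj(wbits=-15)
        inner = packet(TAG_COMPRESSED, b"\x01" + co.compress(inner) + co.flush())
    return inner
```

Without the depth check, `walk()` recurses once per nested layer, so a message with enough layers exhausts the call stack; with it, the excess layer is rejected before any further decompression.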

claire robinson 2013-10-09 18:57:41 CEST

Summary: gnupg/gnupg2: infinite recursion in compressed packet parser (CVE-2013-4402) => gnupg: infinite recursion in compressed packet parser (CVE-2013-4402)

Comment 4 claire robinson 2013-10-09 18:58:33 CEST
Procedure: https://bugs.mageia.org/show_bug.cgi?id=11306#c3

Whiteboard: MGA2TOO => MGA2TOO has_procedure

claire robinson 2013-10-09 18:58:41 CEST

Source RPM: gnupg, gnupg2 => gnupg

Comment 5 David Walser 2013-10-09 19:15:54 CEST
Just noting that this issue does affect both gnupg and gnupg2 even though the bug title got changed.

Comment 6 claire robinson 2013-10-09 20:06:28 CEST
Testing complete mga2 64

Whiteboard: MGA2TOO has_procedure => MGA2TOO has_procedure mga2-64-ok

Comment 7 claire robinson 2013-10-09 20:22:09 CEST
testing complete mga3 64

Whiteboard: MGA2TOO has_procedure mga2-64-ok => MGA2TOO has_procedure mga2-64-ok mga3-64-ok

Comment 8 claire robinson 2013-10-09 20:31:21 CEST
testing complete mga2 32

Whiteboard: MGA2TOO has_procedure mga2-64-ok mga3-64-ok => MGA2TOO has_procedure mga2-32-ok mga2-64-ok mga3-64-ok

Comment 9 claire robinson 2013-10-09 20:45:22 CEST
testing complete mga3 32

Whiteboard: MGA2TOO has_procedure mga2-32-ok mga2-64-ok mga3-64-ok => MGA2TOO has_procedure mga2-32-ok mga2-64-ok mga3-32-ok mga3-64-ok

Comment 10 claire robinson 2013-10-09 20:59:06 CEST
Validating. Advisory uploaded.

Could sysadmin please push from 2&3 core/updates_testing to updates


Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 11 Thomas Backlund 2013-10-10 00:57:06 CEST
Update pushed:

CC: (none) => tmb
Resolution: (none) => FIXED

David Walser 2013-10-10 18:08:21 CEST

URL: (none) => http://lwn.net/Vulnerabilities/570018/
Summary: gnupg: infinite recursion in compressed packet parser (CVE-2013-4402) => gnupg/gnupg2: infinite recursion in compressed packet parser (CVE-2013-4402)

Nicolas Vigier 2014-05-08 18:05:23 CEST

CC: boklm => (none)
