USN-1682-1: GnuPG vulnerability
9 January 2013
GnuPG could be made to corrupt the keyring if it imported a specially crafted key.
- gnupg - GNU privacy guard - a free PGP replacement
- gnupg2 - GNU privacy guard - a free PGP replacement
KB Sriram discovered that GnuPG incorrectly handled certain malformed keys.
If a user or automated system were tricked into importing a malformed key,
the GnuPG keyring could become corrupted.
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.