Notified: December 18, 2006 Updated: December 18, 2006
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 21, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to Debian Security Advisory dsa-1231.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 21, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to Gentoo Linux Security Advisory GLSA 200612-03.
Notified: December 07, 2006 Updated: December 07, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The GnuPG development team has published GnuPG version 1.4.6 in response to this issue. Users who compile GnuPG from the original distribution are encouraged to upgrade to this version (or later) or apply the patch to upgrade from 1.4.5 to 1.4.6.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 18, 2006
Affected
Mandriva has correct this issue with updated packages via advisory MDKSA-2006:228 (http://www.mandriva.com/security/advisories?name=MDKSA-2006:228)
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Updated: December 21, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to OpenPKG Security Advisory 2006.037.
Notified: December 18, 2006 Updated: December 18, 2006
Affected
We have fixed this GnuPG vulnerability in Openwall GNU/*/Linux current as of 2006/12/06 and in 2.0-stable as of 2006/12/07.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Updated: December 07, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Red Hat has published Red Hat Security Advisory RHSA-2006:0754 in response to this issue. Users are encouraged to review this advisory and apply the patches it refers to.
Updated: December 07, 2006
Affected
rPath Security Advisory: 2006-0227-1 Published: 2006-12-06 Products: rPath Linux 1 Rating: Severe Exposure Level Classification: Indirect Deterministic Privilege Escalation Updated Versions: gnupg=/conary.rpath.com@rpl:devel//1/1.4.6-0.1- References: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6235 https://issues.rpath.com/browse/RPL-835 Description: Previous versions of the gnupg package will execute attacker-provided code found in intentionally malformed OpenPGP packets. This allows an attacker to run arbitrary code as the user invoking gpg on the file that contains the malformed packets.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Updated: December 21, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The Slackware security team has published Slackware Security Advisory SSA:2006-340-01 in response to this issue. Users are encouraged to review this response and apply the patches it refers to.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 21, 2006
Not Affected
Sun does not ship GnuPG with Solaris and thus Solaris is not directly impacted by this issue. If a vulnerable version of GnuPG has been built and/or installed on a Solaris system then GnuPG will need to be updated to address this issue.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 19, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Refer to SUSE Security Summary Report SUSE-SR:2006:028.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Updated: December 11, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Please see Trustix Secure Linux Security Advisory #2006-0070 for more information.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Updated: December 07, 2006
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The Ubuntu security team has published Ubuntu Security Notice USN-393-1 in response to this issue. Users are encouraged to review this notice and apply the patches it refers to.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
Notified: December 18, 2006 Updated: December 18, 2006
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.