virus logo FortiClient Vulnerability

RedHat GnuPG CVE-2019-13050 Certificate Validation Bypass Vulnerability

description-logoDescription

The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. The following packages have been upgraded to a later upstream version: gnupg2 (2.2.20). (BZ#1663944) Security Fix(es): * GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack which leads to persistent DoS (CVE-2019-13050) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.

affected-products-logoAffected Applications

GnuPG

CVE References

CVE-2019-13050

Other References

https://access.redhat.com/errata/RHSA-2020:4490
ID 65359
Created Nov 07, 2020
Description
Updated		 Dec 20, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Linux
Vendor RedHat
Patch auto
Application GnuPG