AVG-1218 log

Package gnupg
Status Fixed
Severity Critical
Type arbitrary code execution
Affected 2.2.21-2
Fixed 2.2.23-1
Current 2.4.7-1 [core]
Ticket None
Created Thu Sep 3 19:37:17 2020
Issue Severity Remote Type Description
CVE-2020-25125 Critical Yes Arbitrary code execution
Importing an OpenPGP key having a preference list for AEAD algorithms will lead to an array overflow and thus often to a crash or other undefined behaviour....
Date Advisory Package Type
07 Sep 2020 ASA-202009-5 gnupg arbitrary code execution
References
https://lists.gnupg.org/pipermail/gnupg-announce/2020q3/000448.html