gnupg2-2.3.3-5.el9_7

エラータID: AXSA:2026-043:01

リリース日: 
2026/01/20 Tuesday - 16:24
題名: 
gnupg2-2.3.3-5.el9_7
影響のあるチャネル: 
MIRACLE LINUX 9 for x86_64
Severity: 
High
Description: 

The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.

Security Fix(es):

* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2025-68973
In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)

解決策: 

Update packages.

CVE: 
CVE-2025-68973
In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. gnupg2-2.3.3-5.el9_7.src.rpm
    MD5: 802b240bc093a1211e153db66675a60e
    SHA-256: cb87acab5483db2b8a731897f1c185c8dc7fda4ac203e8428f02c60aedf397e2
    Size: 7.27 MB

Asianux Server 9 for x86_64
  1. gnupg2-2.3.3-5.el9_7.x86_64.rpm
    MD5: 001cd8f27cbb49d558d495878e598ea0
    SHA-256: 783e256f6d96475c6ff2f5c93d68c9598ac677a78fedff9f705f836e2fc56141
    Size: 2.51 MB
  2. gnupg2-smime-2.3.3-5.el9_7.x86_64.rpm
    MD5: c82d5d856ab5c3188d49de2f19babe45
    SHA-256: 9f16a2659be5e02e92289deb2022c7e6e328d8a309424f80a8653dfa8c9d0073
    Size: 240.00 kB