Solution
Please Install the Updated Packages.
Insight
GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440 and the S/MIME standard as described by several RFCs.
GnuPG 2.0 is the stable version of GnuPG integrating support for OpenPGP and S/MIME. It does not conflict with an installed 1.x OpenPGP-only version.
GnuPG 2.0 is a newer version of GnuPG with additional support for S/MIME. It has a different design philosophy that splits functionality up into several modules. Both versions may be installed simultaneously without any conflict (gpg is called gpg2 in GnuPG 2).
In fact, the gpg version from GnuPG 1.x is able to make use of the gpg-agent as included in GnuPG 2 and allows for seamless passphrase caching. The advantage of GnupG 1.x is its smaller size and no dependency on other modules at run and build time.
Affected
gnupg2 on Fedora 12
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2010-2547 -
CVSS Base Score: 5.1
AV:N/AC:H/Au:N/C:P/I:P/A:P
Related Vulnerabilities