File _patchinfo of Package patchinfo.4341
<patchinfo incident="1516">
<issue id="918090" tracker="bnc">VUL-1: CVE-2015-1607: gpg2: memcpy with overlapping ranges (keybox_search.c)</issue>
<issue id="955753" tracker="bnc">gpg --recv rejected by import filter</issue>
<issue id="918089" tracker="bnc">VUL-1: CVE-2015-1606: gpg2: Invalid memory read using a garbled keyring</issue>
<issue id="952347" tracker="bnc">gpg --recv rejected by import filter</issue>
<issue id="CVE-2015-1606" tracker="cve" />
<issue id="CVE-2015-1607" tracker="cve" />
<category>security</category>
<rating>moderate</rating>
<packager>vitezslav_cizek</packager>
<description>The gpg2 package was updated to fix the following security and non security issues:
- CVE-2015-1606: Fixed invalid memory read using a garbled keyring (bsc#918089).
- CVE-2015-1607: Fixed memcpy with overlapping ranges (bsc#918090).
- bsc#955753: Fixed a regression of "gpg --recv" due to keyserver import filter (also boo#952347).
</description>
<summary>Security update for gpg2</summary>
</patchinfo>