File _patchinfo of Package patchinfo.4341

<patchinfo incident="1516">
  <issue id="918090" tracker="bnc">VUL-1: CVE-2015-1607: gpg2: memcpy with overlapping ranges (keybox_search.c)</issue>
  <issue id="955753" tracker="bnc">gpg --recv rejected by import filter</issue>
  <issue id="918089" tracker="bnc">VUL-1: CVE-2015-1606: gpg2: Invalid memory read using a garbled keyring</issue>
  <issue id="952347" tracker="bnc">gpg --recv rejected by import filter</issue>
  <issue id="CVE-2015-1606" tracker="cve" />
  <issue id="CVE-2015-1607" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>vitezslav_cizek</packager>
  <description>The gpg2 package was updated to fix the following security and non security issues:

- CVE-2015-1606: Fixed invalid memory read using a garbled keyring (bsc#918089).
- CVE-2015-1607: Fixed memcpy with overlapping ranges (bsc#918090).

- bsc#955753: Fixed a regression of "gpg --recv" due to keyserver import filter (also boo#952347). 
</description>
  <summary>Security update for gpg2</summary>
</patchinfo>
openSUSE Build Service is sponsored by