Security update for gpg2
The gpg2 package was updated to fix the following security and non security issues:
- CVE-2015-1606: Fixed invalid memory read using a garbled keyring (bsc#918089).
- CVE-2015-1607: Fixed memcpy with overlapping ranges (bsc#918090).
- bsc#955753: Fixed a regression of "gpg --recv" due to keyserver import filter (also boo#952347).
-
Submitted by
Vítězslav Čížek (vitezslav_cizek)
Fixed bugs
bnc#918090
VUL-1: CVE-2015-1607: gpg2: memcpy with overlapping ranges (keybox_search.c)
bnc#955753
gpg --recv rejected by import filter
bnc#918089
VUL-1: CVE-2015-1606: gpg2: Invalid memory read using a garbled keyring
bnc#952347
gpg --recv rejected by import filter
