ALAS-2015-574


Amazon Linux AMI Security Advisory: ALAS-2015-574
Advisory Release Date: 2015-07-28 11:35 Pacific
Severity: Low
References: CVE-2015-1606 

Issue Overview:

It was reported that gnupg2 keyring DB code did not reject packets which don't belong into a keyring, which may lead to invalid read of sizeof (int).


Affected Packages:

gnupg2


Issue Correction:
Run yum update gnupg2 to update your system.

New Packages:
i686:
    gnupg2-debuginfo-2.0.28-1.30.amzn1.i686
    gnupg2-2.0.28-1.30.amzn1.i686
    gnupg2-smime-2.0.28-1.30.amzn1.i686

src:
    gnupg2-2.0.28-1.30.amzn1.src

x86_64:
    gnupg2-debuginfo-2.0.28-1.30.amzn1.x86_64
    gnupg2-smime-2.0.28-1.30.amzn1.x86_64
    gnupg2-2.0.28-1.30.amzn1.x86_64