MGASA-2013-0239

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2013-0239.html

Import Source

https://advisories.mageia.org/MGASA-2013-0239.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2013-0239

Upstream

CVE-2013-4242

Published

2013-08-03T08:45:05Z

Modified

2026-04-16T06:22:44.560334442Z

Summary

Updated gnupg package fixes security vulnerability

Details

Yarom and Falkner discovered that RSA secret keys in applications using GnuPG 1.x, and using the libgcrypt library, could be leaked via a side channel attack, where a malicious local user could obtain private key information from another user on the system (CVE-2013-4242).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:2 / gnupg

Package

Name: gnupg
Purl: pkg:rpm/mageia/gnupg?arch=source&distro=mageia-2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4.12-1.2.mga2

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2013-0239.json"

Mageia:2 / libgcrypt

Package

Name: libgcrypt
Purl: pkg:rpm/mageia/libgcrypt?arch=source&distro=mageia-2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.5.0-2.1.mga2

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2013-0239.json"

Mageia:3 / gnupg

Package

Name: gnupg
Purl: pkg:rpm/mageia/gnupg?arch=source&distro=mageia-3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.4.14-1.mga3

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2013-0239.json"

Mageia:3 / libgcrypt

Package

Name: libgcrypt
Purl: pkg:rpm/mageia/libgcrypt?arch=source&distro=mageia-3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.5.3-1.mga3

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2013-0239.json"