CVE-2006-0455

Name of the Vulnerable Software and Affected Versions liby2util versions (affected versions not specified) liby2util-devel versions (affected versions not specified) GnuPG versions prior to 1.4.2.1 gpg versions (affected versions not specified)

Description The issue concerns multiple vulnerabilities in the liby2util, liby2util-devel, and gpg packages of various Linux operating systems, including SUSE Linux Enterprise and openSUSE. These vulnerabilities can be exploited remotely and may lead to a breach of protected information integrity. In the case of GnuPG, the gpgv component may return a 0 exit code even when the detached signature file does not carry a signature, potentially causing programs that use gpgv to incorrectly assume successful signature verification.

Recommendations For liby2util and liby2util-devel, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For GnuPG, update to version 1.4.2.1 or later to resolve the issue. For gpg, at the moment, there is no information about a newer version that contains a fix for this vulnerability.