In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade Debian:13
rust-pgp
to version 0.14.2-1 or higher.
Note: Versions mentioned in the description apply only to the upstream rust-pgp
package and not the rust-pgp
package as distributed by Debian
.
See How to fix?
for Debian:13
relevant fixed versions and status.
rPGP is a pure Rust implementation of OpenPGP. Prior to 0.14.1, rPGP allows an attacker to trigger rpgp crashes by providing crafted data. This vulnerability is fixed in 0.14.1.