tag:gpgtools.tenderapp.com,2011-11-04:/discussions/feedback/17726-integer-overflow-in-libksbagnupg-questionGPGTools: Discussion 2023-03-16T22:29:42Z tag:gpgtools.tenderapp.com,2011-11-04:Comment/582823522023-03-16T18:04:00Z2023-03-16T18:04:00ZInteger Overflow In LibKSBA/GnuPG – Question CVE-2022-3515 <div><p>Hi,</p>
<p>the fix was part of GnuPG 2.2.40, released in GPG Suite 2022.2 on 2022-10-24:<br>
<a href=”https://gpgtools.com/releases/gpgsuite/release-notes.html#2022.2″>gpgtools.com/releases/gpgsuite/release-notes.html#2022.2</a></p>
<p>Hope this helps,<br>
Steve</p></div> Steve
tag:gpgtools.tenderapp.com,2011-11-04:Comment/582823522023-03-16T18:57:02Z2023-03-16T18:57:02ZInteger Overflow In LibKSBA/GnuPG – Question CVE-2022-3515 <div><p>How dangerous is this for users of older versions?</p></div> JustAnotherGPGFan
tag:gpgtools.tenderapp.com,2011-11-04:Comment/582823522023-03-16T22:29:26Z2023-03-16T22:29:26ZInteger Overflow In LibKSBA/GnuPG – Question CVE-2022-3515 <div><p>That is a difficult to answer question. Here is the RedHat entry for the CVE with Important Impact & 8.6 CVSS v3 Base Score</p>
<p><a href=”https://access.redhat.com/security/cve/cve-2022-3515#cve-cvss-v3″>access.redhat.com/security/cve/cve-2022-3515#cve-cvss-v3</a></p></div> Steve
