2
Candidate: CVE-2006-0049
4
https://usn.ubuntu.com/usn/usn-264-1
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0049
7
gpg in GnuPG before 1.4.2.2 does not properly verify non-detached
8
signatures, which allows attackers to inject unsigned data via a data
9
packet that is not associated with a control packet, which causes the check
10
for concatenated signatures to report that the signature is valid, a
11
different vulnerability than CVE-2006-0455.
15
dapper_gnupg: released (1.4.2.2-1ubuntu2.5)
16
edgy_gnupg: released (1.4.3-2ubuntu3.3)
17
feisty_gnupg: released (1.4.6-1ubuntu2)
18
devel_gnupg: released (1.4.6-1ubuntu2)