Skip to main content

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

Vulnerability IntelligenceSUSE-SU-2026:0378-1

SUSE-SU-2026:0378-1

UNKNOWN

Security update for gpg2

Published Feb 4, 2026

Modified 1 months ago

Fix available

Details

This update for gpg2 fixes the following issues:

CVE-2025-68973: Fixed possile memory corruption in the armor parser [T7906] (bsc#1255715)
Fixed GnuPG Accepting Path Separators and Path Traversals in Literal Data (bsc#1256389)
Fixed Cleartext Signature Forgery in the NotDashEscaped header implementation in GnuPG (bsc#1256390)
Fixed error out on unverified output for non-detached signatures [T7903] (bsc#1256244)

Affected Packages

gpg2

SUSE Linux Enterprise Server 12 SP5-LTSSSUSE Linux Enterprise Server LTSS Extended Security 12 SP5

Fixed in:

2.0.24-9.17.1

gpg2-lang

SUSE Linux Enterprise Server 12 SP5-LTSSSUSE Linux Enterprise Server LTSS Extended Security 12 SP5

Fixed in:

2.0.24-9.17.1

References

https://bugzilla.suse.com/1255715

https://bugzilla.suse.com/1256244

https://bugzilla.suse.com/1256389

https://bugzilla.suse.com/1256390

https://www.suse.com/security/cve/CVE-2025-68973

https://www.suse.com/support/update/announcement/2026/suse-su-20260378-1/

Upstream

Related

Ecosystems

SUSE Linux Enterprise Server 12 SP5-LTSS SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

Timeline

PublishedFeb 4, 2026

ModifiedFeb 4, 2026

SUSE-SU-2026:0378-1 | Mondoo Vulnerability Intelligence