14 DAY TRIAL // Canonical has published details in a security notice about a GPGME vulnerability in Ubuntu 14.04 LTS, Ubuntu 12.04 LTS, and Ubuntu 10.04 LTS operating systems that has been found and corrected.
The Ubuntu developers have explained that GPGME could have been made to crash or to run programs as the user's login, if it processed a specially crafted certificate.
According to the security notice, "Tomáš Trnka discovered that GPGME incorrectly handled certain certificate line lengths. An attacker could use this issue to cause applications using GPGME to crash, resulting in a denial of service, or possibly execute arbitrary code."
For a more detailed description of the problems, you can see Canonical's security notification. Users should upgrade their Linux distribution in order fix any problems.
The flaw can be fixed if you upgrade your system(s) to the latest kdelibs5-pluginspackages specific to each distribution. To apply the patch, users can simply run the Update Manager application.
If you don't want to use the Software Updater, you can open a terminal and enter the following commands (you have to be root):
sudo apt-get dist-upgrade