Accepted gnupg 1.4.3-2ubuntu3 (source)
Martin Pitt
martin.pitt at ubuntu.com
Thu Aug 3 07:30:13 BST 2006
Accepted:
OK: gnupg_1.4.3-2ubuntu3.dsc
-> Component: main Section: utils
OK: gnupg_1.4.3-2ubuntu3.diff.gz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 3 Aug 2006 08:11:46 +0200
Source: gnupg
Binary: gnupg-udeb gnupg gpgv-udeb
Architecture: source
Version: 1.4.3-2ubuntu3
Distribution: edgy
Urgency: low
Maintainer: James Troup <james at nocrew.org>
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Description:
gnupg - GNU privacy guard - a free PGP replacement
gnupg-udeb - GNU privacy guard - a free PGP replacement
gpgv-udeb - minimal signature verification tool
Changes:
gnupg (1.4.3-2ubuntu3) edgy; urgency=low
.
* SECURITY UPDATE: Local arbitrary code execution.
* Add debian/patches/27_comment_control_overflow.dpatch:
- Fix buffer overflows in parse_comment() and parse_gpg_control().
- Patch extracted from stable 1.4.5 release.
- Reproducer:
perl -e 'print "\xfd\xff\xff\xff\xff\xfe"'| gpg --no-armor
- Credit: Evgeny Legerov
- CVE-2006-3746
Files:
c0d99317e0b16aae2cc8ea4fd1ce5be0 693 utils standard gnupg_1.4.3-2ubuntu3.dsc
3b10c621a7def61653b027241f3d4be7 25419 utils standard gnupg_1.4.3-2ubuntu3.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFE0ZUCDecnbV4Fd/IRAoZKAJ9vlb7PoGlA1T5m6/SHfgWHglVJrACgyfah
443zQy6+rYB9SQ7NAltGSy0=
=xqRq
-----END PGP SIGNATURE-----
More information about the edgy-changes
mailing list