[ubuntu/saucy-proposed] gnupg 1.4.14-1ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Tue Oct 8 15:39:19 UTC 2013 

gnupg (1.4.14-1ubuntu2) saucy; urgency=low

  * SECURITY UPDATE: incorrect no-usage-permitted flag handling
    - debian/patches/CVE-2013-4351.patch: correctly handle empty key flags
      in g10/getkey.c, g10/keygen.c, include/cipher.h.
    - CVE-2013-4351
  * SECURITY UPDATE: denial of service via infinite recursion
    - debian/patches/CVE-2013-4402.patch: set limits on number of filters
      and nested packets in util/iobuf.c, g10/mainproc.c.
    - CVE-2013-4402

Date: Tue, 08 Oct 2013 07:40:27 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/saucy/+source/gnupg/1.4.14-1ubuntu2
-------------- next part --------------
Format: 1.8
Date: Tue, 08 Oct 2013 07:40:27 -0400
Source: gnupg
Binary: gnupg gnupg-curl gpgv gnupg-udeb gpgv-udeb
Architecture: source
Version: 1.4.14-1ubuntu2
Distribution: saucy
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 gnupg      - GNU privacy guard - a free PGP replacement
 gnupg-curl - GNU privacy guard - a free PGP replacement (cURL)
 gnupg-udeb - GNU privacy guard - a free PGP replacement (udeb)
 gpgv       - GNU privacy guard - signature verification tool
 gpgv-udeb  - minimal signature verification tool (udeb)
Changes: 
 gnupg (1.4.14-1ubuntu2) saucy; urgency=low
 .
   * SECURITY UPDATE: incorrect no-usage-permitted flag handling
     - debian/patches/CVE-2013-4351.patch: correctly handle empty key flags
       in g10/getkey.c, g10/keygen.c, include/cipher.h.
     - CVE-2013-4351
   * SECURITY UPDATE: denial of service via infinite recursion
     - debian/patches/CVE-2013-4402.patch: set limits on number of filters
       and nested packets in util/iobuf.c, g10/mainproc.c.
     - CVE-2013-4402
Checksums-Sha1: 
 cce99620212c5ba142e599f23ffc8c79c78bcdb8 2348 gnupg_1.4.14-1ubuntu2.dsc
 187c4de5f91a8f98c1fa87c2b87b0c9e9089de36 34478 gnupg_1.4.14-1ubuntu2.debian.tar.gz
Checksums-Sha256: 
 b3dad0c81633bc971759c3e12bf98dcafa7c303ac245a3880f84c9c782af373f 2348 gnupg_1.4.14-1ubuntu2.dsc
 3fcd588f1fdf5f9f62d8c18026d0973b05d11ed116bce8d5d15c27feb311f9ed 34478 gnupg_1.4.14-1ubuntu2.debian.tar.gz
Files: 
 8ccb03eef20669dde69d8f0d1c3dbf5f 2348 utils important gnupg_1.4.14-1ubuntu2.dsc
 28aa47d354b3806466ba4948895d24e8 34478 utils important gnupg_1.4.14-1ubuntu2.debian.tar.gz
Original-Maintainer: Debian GnuPG-Maintainers <pkg-gnupg-maint at lists.alioth.debian.org>

More information about the Saucy-changes mailing list