Login
Newsletter
Werbung

Sicherheit: Denial of Service in gnupg2
Aktuelle Meldungen Distributionen
Name: Denial of Service in gnupg2
ID: FEDORA-2013-18807
Distribution: Fedora
Plattformen: Fedora 19
Datum: Mo, 14. Oktober 2013, 18:35
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4402
Applikationen: The GNU Privacy Guard

Originalnachricht

Name        : gnupg2
Product : Fedora 19
Version : 2.0.22
Release : 1.fc19
URL : http://www.gnupg.org/
Summary : Utility for secure communication and data storage
Description :
GnuPG is GNU's tool for secure communication and data storage. It can
be used to encrypt data and to create digital signatures. It includes
an advanced key management facility and is compliant with the proposed
OpenPGP Internet standard as described in RFC2440 and the S/MIME
standard as described by several RFCs.

GnuPG 2.0 is a newer version of GnuPG with additional support for
S/MIME. It has a different design philosophy that splits
functionality up into several modules. The S/MIME and smartcard functionality
is provided by the gnupg2-smime package.

-------------------------------------------------------------------------------
-
Update Information:

Security update fixing a DoS issue.
-------------------------------------------------------------------------------
-
ChangeLog:

* Tue Oct 8 2013 Tomáš Mráz <tmraz@redhat.com> - 2.0.22-1
- new upstream release fixing CVE-2013-4402
* Fri Aug 23 2013 Tomáš Mráz <tmraz@redhat.com> - 2.0.21-1
- new upstream release
* Wed Aug 7 2013 Tomas Mraz <tmraz@redhat.com> - 2.0.20-3
- adjust to the unversioned docdir change (#993785)
* Sat Aug 3 2013 Fedora Release Engineering
<rel-eng@lists.fedoraproject.org> - 2.0.20-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Wed May 15 2013 Tomas Mraz <tmraz@redhat.com> - 2.0.20-1
- new upstream release
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1015685 - CVE-2013-4402 GnuPG: infinite recursion in the
compressed packet parser DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1015685
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update gnupg2' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung