drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in gnupg2
Name: |
Denial of Service in gnupg2 |
|
ID: |
FEDORA-2014-7796 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 20 |
|
Datum: |
So, 29. Juni 2014, 11:53 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4617 |
|
Applikationen: |
The GNU Privacy Guard |
|
Originalnachricht |
Name : gnupg2 Product : Fedora 20 Version : 2.0.24 Release : 1.fc20 URL : http://www.gnupg.org/ Summary : Utility for secure communication and data storage Description : GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440 and the S/MIME standard as described by several RFCs.
GnuPG 2.0 is a newer version of GnuPG with additional support for S/MIME. It has a different design philosophy that splits functionality up into several modules. The S/MIME and smartcard functionality is provided by the gnupg2-smime package.
------------------------------------------------------------------------------- - Update Information:
Minor security update from upstream. ------------------------------------------------------------------------------- - ChangeLog:
* Wed Jun 25 2014 Tomáš Mráz <tmraz@redhat.com> - 2.0.24-1 - new upstream release fixing CVE-2014-4617 * Sat Jun 7 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.22-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild * Wed May 7 2014 Tomáš Mráz <tmraz@redhat.com> - 2.0.22-3 - do not dump core if hash algorithm not available in the FIPS mode * Tue Mar 4 2014 Tomáš Mráz <tmraz@redhat.com> - 2.0.22-2 - rebuilt against new libgcrypt ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1112509 - CVE-2014-4617 gnupg: infinite loop when decompressing data packets https://bugzilla.redhat.com/show_bug.cgi?id=1112509 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update gnupg2' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|