drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in gnupg2
| Name: |
Denial of Service in gnupg2 |
|
| ID: |
FEDORA-2013-0258 |
|
| Distribution: |
Fedora |
|
| Plattformen: |
Fedora 17 |
|
| Datum: |
Sa, 12. Januar 2013, 23:17 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6085 |
|
| Applikationen: |
The GNU Privacy Guard |
|
Originalnachricht |
Name : gnupg2
Product : Fedora 17
Version : 2.0.19
Release : 7.fc17
URL : http://www.gnupg.org/
Summary : Utility for secure communication and data storage
Description :
GnuPG is GNU's tool for secure communication and data storage. It can
be used to encrypt data and to create digital signatures. It includes
an advanced key management facility and is compliant with the proposed
OpenPGP Internet standard as described in RFC2440 and the S/MIME
standard as described by several RFCs.
GnuPG 2.0 is a newer version of GnuPG with additional support for
S/MIME. It has a different design philosophy that splits
functionality up into several modules. The S/MIME and smartcard functionality
is provided by the gnupg2-smime package.
-------------------------------------------------------------------------------
-
Update Information:
Low impact security fix update.
-------------------------------------------------------------------------------
-
ChangeLog:
* Wed Jan 2 2013 Tomas Mraz <tmraz@redhat.com> - 2.0.19-7
- fix CVE-2012-6085 - skip invalid key packets (#891142)
* Thu Nov 22 2012 Tomas Mraz <tmraz@redhat.com> - 2.0.19-6
- use AES as default crypto algorithm in FIPS mode (#879047)
* Fri Nov 16 2012 Jamie Nguyen <jamielinux@fedoraproject.org> - 2.0.19-5
- rebuild for <f18 (#877106)
* Fri Jul 27 2012 Tomas Mraz <tmraz@redhat.com> - 2.0.19-4
- fix negated condition (#843842)
* Thu Jul 26 2012 Tomas Mraz <tmraz@redhat.com> - 2.0.19-3
- add compat symlinks and provides if built on RHEL
* Thu Jul 19 2012 Fedora Release Engineering
<rel-eng@lists.fedoraproject.org> - 2.0.19-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Tue Apr 24 2012 Tomas Mraz <tmraz@redhat.com> - 2.0.19-1
- new upstream release
- set environment in protect-tool (#548528)
- do not reject OCSP signing certs without keyUsage (#720174)
-------------------------------------------------------------------------------
-
References:
[ 1 ] Bug #891142 - CVE-2012-6085 GnuPG: read_block() corrupt key input
validation
https://bugzilla.redhat.com/show_bug.cgi?id=891142
-------------------------------------------------------------------------------
-
This update can be installed with the "yum" update program. Use
su -c 'yum update gnupg2' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|
