Login
Newsletter
Werbung

Sicherheit: Mangelnde Prüfung von Signaturen in The GNU Privacy Guard
Aktuelle Meldungen Distributionen
Name: Mangelnde Prüfung von Signaturen in The GNU Privacy Guard
ID: FEDORA-2018-3fc05e009d
Distribution: Fedora
Plattformen: Fedora 27
Datum: So, 15. April 2018, 21:55
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9234
https://bugzilla.redhat.com/show_bug.cgi?id=1565387
Applikationen: The GNU Privacy Guard

Originalnachricht

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2018-3fc05e009d
2018-04-15 14:43:03.387917
-------------------------------------------------------------------------------
-

Name : gnupg2
Product : Fedora 27
Version : 2.2.6
Release : 1.fc27
URL : http://www.gnupg.org/
Summary : Utility for secure communication and data storage
Description :
GnuPG is GNU's tool for secure communication and data storage. It can
be used to encrypt data and to create digital signatures. It includes
an advanced key management facility and is compliant with the proposed
OpenPGP Internet standard as described in RFC2440 and the S/MIME
standard as described by several RFCs.

GnuPG 2.0 is a newer version of GnuPG with additional support for
S/MIME. It has a different design philosophy that splits
functionality up into several modules. The S/MIME and smartcard functionality
is provided by the gnupg2-smime package.

-------------------------------------------------------------------------------
-
Update Information:

Minor update from upstream with fix for CVE-2018-9234 and other bug fixes.
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1563931 - CVE-2018-9234 gnupg2: GnuPG: Unenforced configuration
allows for apparently valid certifications actually signed by signing subkeys [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1563931
[ 2 ] Bug #1565387 - gnupg2-2.2.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1565387
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade gnupg2' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung