Ubuntu
gnupg2 package

[Feisty] GnuPG 2.0 buffer overflow (CVE-2006-6169)

Bug #73985 reported by Michael Bienia on 2006-11-30

258

	Status	Importance	Assigned to
gnupg (Ubuntu)
Breezy	Fix Released	High	Kees Cook
Dapper	Fix Released	High	Kees Cook
Edgy	Fix Released	High	Kees Cook
gnupg2 (Debian)	Fix Released	Unknown	debbugs #400777
gnupg2 (Ubuntu)	Fix Released	High	Kees Cook

Please update to gnupg 2.0.1.

Revision history for this message

Kees Cook (kees) wrote on 2006-11-30:

USN-389-1

Revision history for this message

Simon Law (sfllaw) wrote on 2006-11-30:

This was fixed by 1.4.3-2ubuntu3.1 which went into the edgy-security archive. Upgrading versions is not something we do for stable releases.

Thanks for your report.

Revision history for this message

Michael Bienia (geser) wrote on 2006-11-30:

As gnupg2 2.0 (in feisty) is also vulnerable this bug report is that it doesn't get forgotten.

Kees Cook (kees) on 2006-11-30

Revision history for this message

Kees Cook (kees) wrote on 2006-12-01:

This is now in progress for Edgy and Feisty. Sorry about the confusion.

Changed in gnupg2:
status:	Confirmed → Fix Committed

Bug Watch Updater (bug-watch-updater) on 2006-12-01

Changed in gnupg2:
status:	Unknown → Unconfirmed

Bug Watch Updater (bug-watch-updater) on 2006-12-05

Changed in gnupg2:
status:	Unconfirmed → Fix Released

Revision history for this message

Kees Cook (kees) wrote on 2006-12-21:

USN-393-2 included this fix.

Changed in gnupg2:
status:	Fix Committed → Fix Released

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Bug watches keep track of this bug in other bug trackers.