gnupg2 2.1.11-6ubuntu2.1 source package in Ubuntu
Changelog
gnupg2 (2.1.11-6ubuntu2.1) xenial-security; urgency=medium
* SECURITY UPDATE: missing sanitization of verbose output
- debian/patches/CVE-2018-12020.patch: Sanitize diagnostic with
the original file name.
- CVE-2018-12020
* backport patch to handle the tofu tests expiring in 2016
- d/p/0006-tests-openpgp-Fake-the-system-time-for-the-tofu-test.patch
-- Steve Beattie <email address hidden> Thu, 14 Jun 2018 10:41:36 -0700
Upload details
- Uploaded by:
- Steve Beattie
- Uploaded to:
- Xenial
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- utils
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Xenial | updates | main | utils | |
| Xenial | security | main | utils |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| gnupg2_2.1.11.orig.tar.bz2 | 5.0 MiB | b7b0fb2c8c5d47d7ec916d4a1097c0ddcb94a12bb1c0ac424ad86b1ee316b61a |
| gnupg2_2.1.11-6ubuntu2.1.debian.tar.bz2 | 33.9 KiB | e7019be68d2890eae96e2ff3c694d8146496a0430055e893356756bdd27f5b21 |
| gnupg2_2.1.11-6ubuntu2.1.dsc | 2.7 KiB | ec0c9c2437f70618131f59d3196dcf6b0369eb1f1851082ea5c046914da5566e |
Available diffs
Binary packages built by this source
- dirmngr: server for managing certificate revocation lists
DirMngr is a server for managing and downloading certificate revocation
lists (CRLs) for X.509 certificates and for downloading the certificates
themselves. DirMngr also handles OCSP requests as an alternative to
CRLs. DirMngr is either invoked internally by gpgsm or when running as
a system daemon through the dirmngr-client tool.
- dirmngr-dbgsym: debug symbols for package dirmngr
DirMngr is a server for managing and downloading certificate revocation
lists (CRLs) for X.509 certificates and for downloading the certificates
themselves. DirMngr also handles OCSP requests as an alternative to
CRLs. DirMngr is either invoked internally by gpgsm or when running as
a system daemon through the dirmngr-client tool.
- gnupg-agent: GNU privacy guard - cryptographic agent
GnuPG is GNU's tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed OpenPGP Internet standard as described in RFC4880.
.
This package contains the agent program gpg-agent which handles all
secret key material for OpenPGP and S/MIME use. The agent also
provides a passphrase cache, which is used by pre-2.1 versions of
GnuPG for OpenPGP operations.
- gnupg-agent-dbgsym: debug symbols for package gnupg-agent
GnuPG is GNU's tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed OpenPGP Internet standard as described in RFC4880.
.
This package contains the agent program gpg-agent which handles all
secret key material for OpenPGP and S/MIME use. The agent also
provides a passphrase cache, which is used by pre-2.1 versions of
GnuPG for OpenPGP operations.
- gnupg2: GNU privacy guard - a free PGP replacement (new v2.x)
GnuPG is GNU's tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed OpenPGP Internet standard as described in RFC4880.
.
GnuPG 2.x is the new modularized version of GnuPG supporting OpenPGP
and S/MIME.
- gnupg2-dbgsym: debug symbols for package gnupg2
GnuPG is GNU's tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed OpenPGP Internet standard as described in RFC4880.
.
GnuPG 2.x is the new modularized version of GnuPG supporting OpenPGP
and S/MIME.
- gpgsm: GNU privacy guard - S/MIME version
GnuPG is GNU's tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed OpenPGP Internet standard as described in RFC4880.
.
This package contains the gpgsm program. gpgsm is a tool to provide
digital encryption and signing services on X.509 certificates and the
CMS protocol. gpgsm includes complete certificate management.
- gpgsm-dbgsym: debug symbols for package gpgsm
GnuPG is GNU's tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed OpenPGP Internet standard as described in RFC4880.
.
This package contains the gpgsm program. gpgsm is a tool to provide
digital encryption and signing services on X.509 certificates and the
CMS protocol. gpgsm includes complete certificate management.
- gpgv-udeb: minimal signature verification tool
GnuPG is GNU's tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed OpenPGP Internet standard as described in RFC 4880.
.
This is GnuPG's signature verification tool, gpgv, packaged in minimal
form for use in debian-installer.
- gpgv-udeb-dbgsym: debug symbols for package gpgv-udeb
GnuPG is GNU's tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed OpenPGP Internet standard as described in RFC 4880.
.
This is GnuPG's signature verification tool, gpgv, packaged in minimal
form for use in debian-installer.
- gpgv2: GNU privacy guard - signature verification tool (new v2.x)
GnuPG is GNU's tool for secure communication and data storage.
.
gpgv2 is actually a stripped-down version of gpg2 which is only able
to check signatures. It is somewhat smaller than the fully-blown gpg2
and uses a different (and simpler) way to check that the public keys
used to make the signature are valid. There are no configuration
files and only a few options are implemented.
- gpgv2-dbgsym: debug symbols for package gpgv2
GnuPG is GNU's tool for secure communication and data storage.
.
gpgv2 is actually a stripped-down version of gpg2 which is only able
to check signatures. It is somewhat smaller than the fully-blown gpg2
and uses a different (and simpler) way to check that the public keys
used to make the signature are valid. There are no configuration
files and only a few options are implemented.
- scdaemon: GNU privacy guard - smart card support
GnuPG is GNU's tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed OpenPGP Internet standard as described in RFC4880.
.
This package contains the smart card program scdaemon, which is used
by gnupg-agent to access OpenPGP smart cards.
- scdaemon-dbgsym: debug symbols for package scdaemon
GnuPG is GNU's tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed OpenPGP Internet standard as described in RFC4880.
.
This package contains the smart card program scdaemon, which is used
by gnupg-agent to access OpenPGP smart cards.
