Ubuntu

“gnupg” 1.4.12-7ubuntu1.3 source package in Ubuntu

Changelog

gnupg (1.4.12-7ubuntu1.3) raring-security; urgency=low

  * SECURITY UPDATE: RSA Key Extraction via Low-Bandwidth Acoustic
    Cryptanalysis attack
    - debian/patches/CVE-2013-4576.patch: Use blinding for the RSA secret
      operation in cipher/random.*, cipher/rsa.c, g10/gpgv.c. Normalize the
      MPIs used as input to secret key functions in cipher/dsa.c,
      cipher/elgamal.c, cipher/rsa.c.
    - CVE-2013-4576
 -- Marc Deslauriers <email address hidden>   Wed, 18 Dec 2013 11:14:22 -0500

Upload details

Uploaded by:
Marc Deslauriers on 2013-12-18
Uploaded to:
Raring
Original maintainer:
Ubuntu Developers
Component:
main
Architectures:
any
Section:
utils
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Raring updates on 2013-12-18 main utils
Raring security on 2013-12-18 main utils

Downloads

File Size MD5 Checksum
gnupg_1.4.12.orig.tar.gz 4.7 MiB f9a65ccd7166d3fdb084454cf7427564
gnupg_1.4.12-7ubuntu1.3.debian.tar.gz 103.0 KiB 18b0132d7ffd597242bbc4bb5633bb30
gnupg_1.4.12-7ubuntu1.3.dsc 2.3 KiB 136b2d05b5b41076f76c3c557cb4f543

Binary packages built by this source

gnupg: GNU privacy guard - a free PGP replacement

 GnuPG is GNU's tool for secure communication and data storage.
 It can be used to encrypt data and to create digital signatures.
 It includes an advanced key management facility and is compliant
 with the proposed OpenPGP Internet standard as described in RFC 4880.
 .
 GnuPG 1.4 is the standalone, non-modularized series. In contrast to
 the version 2 series, shipped with the gnupg2 package, it comes
 with no support for S/MIME and some other tools useful for desktop
 environments, but also with less dependencies.
 .
 The gnupg package is built without libcurl. So it does not support
 HKPS keyservers. Install the gnupg-curl package if you want to use
 the keyserver helper tools built with libcurl and supporting HKPS.
 .
 GnuPG does not use any patented algorithms. This means it cannot be
 compatible with PGP2, because that uses IDEA (which is patented in
 a number of countries).

gnupg-curl: GNU privacy guard - a free PGP replacement (cURL)

 GnuPG is GNU's tool for secure communication and data storage.
 It can be used to encrypt data and to create digital signatures.
 It includes an advanced key management facility and is compliant
 with the proposed OpenPGP Internet standard as described in RFC 4880.
 .
 This package contains the keyserver helper tools built with libcurl,
 which replace the ones in the gnupg package built with the "curl shim"
 variant of gnupg. This package provides support for HKPS keyservers.
 .
 GnuPG does not use any patented algorithms. This means it cannot be
 compatible with PGP2, because that uses IDEA (which is patented in
 a number of countries).

gnupg-udeb: GNU privacy guard - a free PGP replacement

 GnuPG is GNU's tool for secure communication and data storage.
 It can be used to encrypt data and to create digital signatures.
 It includes an advanced key management facility and is compliant
 with the proposed OpenPGP Internet standard as described in RFC 4880.
 .
 This is GnuPG packaged in minimal form for use in debian-installer.

gpgv: GNU privacy guard - signature verification tool

 GnuPG is GNU's tool for secure communication and data storage.
 .
 gpgv is a stripped-down version of gnupg which is only able to check
 signatures. It is smaller than the full-blown gnupg and uses a
 different (and simpler) way to check that the public keys used to
 make the signature are trustworthy.

gpgv-udeb: minimal signature verification tool

 GnuPG is GNU's tool for secure communication and data storage.
 It can be used to encrypt data and to create digital signatures.
 It includes an advanced key management facility and is compliant
 with the proposed OpenPGP Internet standard as described in RFC 4880.
 .
 This is GnuPG's signature verification tool, gpgv, packaged in minimal
 form for use in debian-installer.