gnupg 1.4.16-1.2ubuntu1.2 source package in Ubuntu

Changelog

gnupg (1.4.16-1.2ubuntu1.2) utopic-security; urgency=medium

  * Screen responses from keyservers (LP: #1409117)
    - d/p/0001-Screen-keyserver-responses.patch
    - d/p/0002-Make-screening-of-keyserver-result-work-with-multi-k.patch
    - d/p/0003-Add-kbnode_t-for-easier-backporting.patch
    - d/p/0004-gpg-Fix-regression-due-to-the-keyserver-import-filte.patch
  * Fix large key size regression from CVE-2014-5270 changes (LP: #1371766)
    - d/p/Add-build-and-runtime-support-for-larger-RSA-key.patch
    - debian/rules: build with --enable-large-secmem
  * SECURITY UPDATE: sidechannel attack on Elgamal
    - debian/patches/CVE-2014-3591.patch: use ciphertext blinding in
      cipher/elgamal.c.
    - CVE-2014-3591
  * SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
    - debian/patches/CVE-2015-0837.patch: avoid timing variations in
      include/mpi.h, mpi/mpi-pow.c, mpi/mpiutil.c.
    - CVE-2015-0837
  * SECURITY UPDATE: invalid memory read via invalid keyring
    - debian/patches/CVE-2015-1606.patch: skip all packets not allowed in
      a keyring in g10/keyring.c.
    - CVE-2015-1606
  * SECURITY UPDATE: memcpy with overlapping ranges
    - debian/patches/CVE-2015-1607.patch: use inline functions to convert
      buffer data to scalars in g10/apdu.c, g10/app-openpgp.c,
      g10/build-packet.c, g10/ccid-driver.c, g10/getkey.c, g10/keygen.c,
      g10/keyid.c, g10/misc.c, g10/parse-packet.c, g10/tdbio.c,
      g10/trustdb.c, include/host2net.h.
    - CVE-2015-1607
 -- Marc Deslauriers <email address hidden>   Fri, 27 Mar 2015 08:21:50 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2015-03-27
Uploaded to:
Utopic
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
utils
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
gnupg_1.4.16.orig.tar.gz 4.8 MiB f3af2f9c34c305869ad38b4ee7ab9e1487f50884ee8d9d42cccb31e1ced5cdef
gnupg_1.4.16-1.2ubuntu1.2.debian.tar.xz 45.4 KiB 0e4c207bd30f6be017d3ae91a79ec36da2c6fc5a98322776cf0441974facdb29
gnupg_1.4.16-1.2ubuntu1.2.dsc 2.3 KiB eb8598959e387034122d138bfaca5e2ea6bb64e61740805997bc56b1514beef3

View changes file

Binary packages built by this source

gnupg: No summary available for gnupg in ubuntu utopic.

No description available for gnupg in ubuntu utopic.

gnupg-curl: No summary available for gnupg-curl in ubuntu utopic.

No description available for gnupg-curl in ubuntu utopic.

gnupg-udeb: No summary available for gnupg-udeb in ubuntu utopic.

No description available for gnupg-udeb in ubuntu utopic.

gpgv: No summary available for gpgv in ubuntu utopic.

No description available for gpgv in ubuntu utopic.

gpgv-udeb: No summary available for gpgv-udeb in ubuntu utopic.

No description available for gpgv-udeb in ubuntu utopic.