Ubuntu

“gnupg” 1.4.6-2ubuntu5.2 source package in Ubuntu

Changelog

gnupg (1.4.6-2ubuntu5.2) hardy-security; urgency=low

  * SECURITY UPDATE: keyring corruption via malformed key import
    - debian/patches/CVE-2012-6085.dpatch: validate PKTTYPE in g10/import.c.
    - CVE-2012-6085
 -- Marc Deslauriers <email address hidden>   Tue, 08 Jan 2013 10:57:13 -0500

Upload details

Uploaded by:
Marc Deslauriers on 2013-01-08
Uploaded to:
Hardy
Original maintainer:
Ubuntu Developers
Component:
main
Architectures:
any
Section:
utils
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Hardy updates on 2013-01-09 main utils
Hardy security on 2013-01-09 main utils

Downloads

File Size MD5 Checksum
gnupg_1.4.6.orig.tar.gz 4.2 MiB b2f4e42a80e0cc9db10b2c610364b09a
gnupg_1.4.6-2ubuntu5.2.diff.gz 29.6 KiB 7da3af582f44ceb78d026719c86fdb60
gnupg_1.4.6-2ubuntu5.2.dsc 1.4 KiB 5063929c66a4344308d322283fbd77f5

Binary packages built by this source

gnupg: GNU privacy guard - a free PGP replacement

 GnuPG is GNU's tool for secure communication and data storage.
 It can be used to encrypt data and to create digital signatures.
 It includes an advanced key management facility and is compliant
 with the proposed OpenPGP Internet standard as described in RFC2440.
 .
 GnuPG does not use any patented algorithms so it cannot be compatible
 with PGP2 because it uses IDEA (which is patented worldwide).

gnupg-udeb: GNU privacy guard - a free PGP replacement

 GnuPG is GNU's tool for secure communication and data storage.
 It can be used to encrypt data and to create digital signatures.
 It includes an advanced key management facility and is compliant
 with the proposed OpenPGP Internet standard as described in RFC2440.
 .
 This is GnuPG packaged in minimal form for use in debian-installer.

gpgv: GNU privacy guard - signature verification tool

 GnuPG is GNU's tool for secure communication and data storage.
 .
 gpgv is a stripped-down version of gnupg which is only able to check
 signatures. It is smaller than the full-blown gnupg and uses a
 different (and simpler) way to check that the public keys used to
 make the signature are trustworthy.

gpgv-udeb: minimal signature verification tool

 GnuPG is GNU's tool for secure communication and data storage.
 It can be used to encrypt data and to create digital signatures.
 It includes an advanced key management facility and is compliant
 with the proposed OpenPGP Internet standard as described in RFC2440.
 .
 This is GnuPG's signature verification tool, gpgv, packaged in minimal
 form for use in debian-installer.