gnupg2 2.0.14-1ubuntu1.6 source package in Ubuntu

Changelog

gnupg2 (2.0.14-1ubuntu1.6) lucid-security; urgency=low

  * SECURITY UPDATE: incorrect no-usage-permitted flag handling
    - debian/patches/CVE-2013-4351.patch: correctly handle empty key flags
      in g10/getkey.c, g10/keygen.c, include/cipher.h.
    - CVE-2013-4351
  * SECURITY UPDATE: denial of service via infinite recursion
    - debian/patches/CVE-2013-4402.patch: set limits on number of filters
      and nested packets in common/iobuf.c, g10/mainproc.c.
    - CVE-2013-4402
 -- Marc Deslauriers <email address hidden>   Mon, 07 Oct 2013 15:52:58 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2013-10-07
Uploaded to:
Lucid
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
utils
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
gnupg2_2.0.14.orig.tar.bz2 3.8 MiB feb6050dc00e59d426485550a2af8d416cf975e5e1e0ecf1c5f1bd139baafca5
gnupg2_2.0.14-1ubuntu1.6.debian.tar.bz2 44.6 KiB 33cbfba8e436e7382405cfc78dfd05417535fd758d50c33b30f4c2f9ad1263e2
gnupg2_2.0.14-1ubuntu1.6.dsc 2.1 KiB 7673cd8af07a46290685052a68814db619ae6e56a0ff8f34d3fee1f4d13dee81

View changes file

Binary packages built by this source

gnupg-agent: GNU privacy guard - password agent

 GnuPG is GNU's tool for secure communication and data storage.
 It can be used to encrypt data and to create digital signatures.
 It includes an advanced key management facility and is compliant
 with the proposed OpenPGP Internet standard as described in RFC2440.
 .
 This package contains the agent program gpg-agent which keeps a
 temporary secure storage of your passphrases.

gnupg2: GNU privacy guard - a free PGP replacement (new v2.x)

 GnuPG is GNU's tool for secure communication and data storage.
 It can be used to encrypt data and to create digital signatures.
 It includes an advanced key management facility and is compliant
 with the proposed OpenPGP Internet standard as described in RFC2440.
 .
 GnuPG 2.x is the new modularized version of GnuPG supporting OpenPGP
 and S/MIME.
 .
 GnuPG does not use any patented algorithms so it cannot be compatible
 with PGP2 because it uses IDEA (which is patented worldwide).

gpgsm: GNU privacy guard - S/MIME version

 GnuPG is GNU's tool for secure communication and data storage.
 It can be used to encrypt data and to create digital signatures.
 It includes an advanced key management facility and is compliant
 with the proposed OpenPGP Internet standard as described in RFC2440.
 .
 This package contains the gpgsm program. gpgsm is a tool to provide
 digital encryption and signing services on X.509 certificates and the
 CMS protocol. gpgsm includes complete certificate management.