Format: 1.8
Date: Thu, 26 May 2022 12:24:46 +0200
Source: gnupg2
Binary: gpgconf gnupg-agent gpg-agent gpg-wks-server gpg-wks-client scdaemon gpgsm gpg gnupg gnupg2 gpgv gpgv2 dirmngr gpgv-udeb gpgv-static gpgv-win32 gnupg-l10n gnupg-utils
Architecture: amd64 all amd64_translations
Version: 2.2.4-1ubuntu1.5
Distribution: bionic
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lcy02-amd64-028.buildd>
Changed-By: David Fernandez Gonzalez <david.fernandezgonzalez@canonical.com>
Description:
 dirmngr    - GNU privacy guard - network certificate management service
 gnupg      - GNU privacy guard - a free PGP replacement
 gnupg-agent - GNU privacy guard - cryptographic agent (dummy transitional packa
 gnupg-l10n - GNU privacy guard - localization files
 gnupg-utils - GNU privacy guard - utility programs
 gnupg2     - GNU privacy guard - a free PGP replacement (dummy transitional pa
 gpg        - GNU Privacy Guard -- minimalist public key operations
 gpg-agent  - GNU privacy guard - cryptographic agent
 gpg-wks-client - GNU privacy guard - Web Key Service client
 gpg-wks-server - GNU privacy guard - Web Key Service server
 gpgconf    - GNU privacy guard - core configuration utilities
 gpgsm      - GNU privacy guard - S/MIME version
 gpgv       - GNU privacy guard - signature verification tool
 gpgv-static - minimal signature verification tool (static build)
 gpgv-udeb  - minimal signature verification tool (udeb)
 gpgv-win32 - GNU privacy guard - signature verification tool (win32 build)
 gpgv2      - GNU privacy guard - signature verification tool (dummy transition
 scdaemon   - GNU privacy guard - smart card support
Launchpad-Bugs-Fixed: 1844059
Changes:
 gnupg2 (2.2.4-1ubuntu1.5) bionic-security; urgency=medium
 .
   * SECURITY UPDATE: Certificate Spamming Attack through SKS
     (LP: #1844059)
     - debian/patches/CVE-2019-13050-1.patch: add option to only accept
       self-signatures when importing a key in g10/import.c,
       g10/options.h and doc/gpg.texi.
     - debian/patches/CVE-2019-13050-2.patch: add fallback when importing
       self-signatures only in g10/import.c.
     - debian/patches/CVE-2019-13050-3.patch: add "self-sigs-only" and
       "import-clean" to the keyserver options in g10/gpg.c and
       doc/gpg.texi.
     - debian/patches/CVE-2019-13050-4.patch: fix regression by ensuring
       KEYID is available on a pending package in g10/import.c.
     - debian/patches/CVE-2019-13050-5.patch: prevent fallback from being
       used if the options are already used in g10/import.c.
     - CVE-2019-13050
Checksums-Sha1:
 dcea0c2ce16769b3c5516d68febe51706f96ab3f 906608 dirmngr-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 91769496156c026e03de1f9a0bae68a0b3f7013b 316676 dirmngr_2.2.4-1ubuntu1.5_amd64.deb
 35066c232bce29cb68e434362e997b178bbd850a 4872 gnupg-agent_2.2.4-1ubuntu1.5_all.deb
 40d46339b93a408d00d404cf8adb734c52e5d9df 50044 gnupg-l10n_2.2.4-1ubuntu1.5_all.deb
 44e7ba0e3a4720a822d18cbf78bfcef6204ac8f9 472796 gnupg-utils-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 5097d0856b0abc687bae104537e4fcf72e1d9f5d 127724 gnupg-utils_2.2.4-1ubuntu1.5_amd64.deb
 72b5a4636ddf64a24c16275fc02370c7c2d1bea7 5300 gnupg2_2.2.4-1ubuntu1.5_all.deb
 eedccaf96b796fda34e9cbdf547d749c57e49eb0 21445 gnupg2_2.2.4-1ubuntu1.5_amd64.buildinfo
 59b5145946f79437cf63310ad5136dd0effb37ee 3540811 gnupg2_2.2.4-1ubuntu1.5_amd64_translations.tar.gz
 70e1dca452a7bd9b1b26905df5fa28754368abff 249320 gnupg_2.2.4-1ubuntu1.5_amd64.deb
 f64d541e4b0b7a3a9eff32d49989611a176bb669 958460 gpg-agent-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 f0a4866d8b8c2f37b3aeae4ebd9914f99fbc2449 227280 gpg-agent_2.2.4-1ubuntu1.5_amd64.deb
 0348b5ebad55577830f68a5146e157645ef2f860 1308980 gpg-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 e54dac75e07a82ef694160a8f87f7458f16f3b35 269448 gpg-wks-client-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 bc3297c909ba0bc8d527df223bb40b62ff9a038e 91768 gpg-wks-client_2.2.4-1ubuntu1.5_amd64.deb
 3fe3cc55a9548f3aeef7ef1d13b7d542a488cac8 246084 gpg-wks-server-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 6a03933afe8d999cd5abd0a50494096d211eb7ad 85000 gpg-wks-server_2.2.4-1ubuntu1.5_amd64.deb
 9fe30748c079041b051955738dfb9aec070d422c 468124 gpg_2.2.4-1ubuntu1.5_amd64.deb
 d0e04bbefd813ef201bfcd3513e2de41c717545e 353744 gpgconf-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 1a0807422dd2891620f0b80d11c1349a836c42b9 123456 gpgconf_2.2.4-1ubuntu1.5_amd64.deb
 cfc3b9633f22b17e580776938afff40c103e5ae3 587644 gpgsm-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 eb8d8d9889025d464e972de3f9498dd48a228df1 214888 gpgsm_2.2.4-1ubuntu1.5_amd64.deb
 c119571ed68f200572b5a75c75843317070e48aa 600944 gpgv-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 774013a65fbb47a1dbe32f76e2f1709b40dfdcba 638788 gpgv-static-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 11d0df21cedabfcd4b773bf896ade035dddaf340 929988 gpgv-static_2.2.4-1ubuntu1.5_amd64.deb
 af8b182919f3299474d2f5807b761a7ce0e079c3 188372 gpgv-udeb_2.2.4-1ubuntu1.5_amd64.udeb
 00b74629e876b3fc36de8db2f85edfc5c3f75b89 466900 gpgv-win32_2.2.4-1ubuntu1.5_all.deb
 eef02609a804cb4a3e9bb74cc57ef8c45e83933d 4236 gpgv2_2.2.4-1ubuntu1.5_all.deb
 c27d31bfa1d9175e03d893e379cf527a70166700 198468 gpgv_2.2.4-1ubuntu1.5_amd64.deb
 a9c4893a633cdd34869c95ca3b55d96d3bf7314c 469048 scdaemon-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 912b05f718dab9680eca0597079f7c529bedc9fa 184692 scdaemon_2.2.4-1ubuntu1.5_amd64.deb
Checksums-Sha256:
 08b09034cf641ddce7fa7fcbfe799e6e7af67aab012d7adc1e087e1f3130364e 906608 dirmngr-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 cb2b547e36fb95b39962287493baa1e3f5db0b034d99cf3d70a47ad5f4e884ca 316676 dirmngr_2.2.4-1ubuntu1.5_amd64.deb
 550dfaa90b8f3ff1cec005533ad90bc526462948c94247f116419a6c8d31b9eb 4872 gnupg-agent_2.2.4-1ubuntu1.5_all.deb
 ea62fb2f935db1d4780aa717a410c3dbd31b0d458ad5500af7f96160565c4e92 50044 gnupg-l10n_2.2.4-1ubuntu1.5_all.deb
 88b405c332276a26c662f9c713d1fecdd540cc13d79ee7a405fc2c03614d43b4 472796 gnupg-utils-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 50d57fd12d1f0978073ec194dec46aa13c31a21fbc66c455cb288f61054bcb42 127724 gnupg-utils_2.2.4-1ubuntu1.5_amd64.deb
 641d74a6007ffe374f960cdef64bb778a3294749dc5a513297b0594b22ec485b 5300 gnupg2_2.2.4-1ubuntu1.5_all.deb
 58a015ebc53768201b911dd475e811b6c983c7eb50ca8cb15ea9ba30822dd10d 21445 gnupg2_2.2.4-1ubuntu1.5_amd64.buildinfo
 bdb0278d8615304433a8478eb001acbf38a492ef28ff4fe7542671abe72fb8d9 3540811 gnupg2_2.2.4-1ubuntu1.5_amd64_translations.tar.gz
 c0975989f6e5bb76a5bb2bc3cf9138e02dcc3e72d594ccaa075ce2624bce3f1d 249320 gnupg_2.2.4-1ubuntu1.5_amd64.deb
 cb0695430d05680dea040e90aa38a4b132f2ed2fbcd91ae44f8d9ff17d3756e6 958460 gpg-agent-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 7c32d365702519802b3e389acbe7e16516ce5656299dc83862e45f1865d9dde7 227280 gpg-agent_2.2.4-1ubuntu1.5_amd64.deb
 894ccbb598e8a71f7d6133684217eaa6760c79e29e3db19240079b0f06bf45a3 1308980 gpg-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 680b6ec28643d13819869fa25790e529a62dbb5889daa542a576e230fe40f645 269448 gpg-wks-client-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 f7f14708240118a9055bd9eb5725edb32430aef57aec0f8d5a384783494de8dd 91768 gpg-wks-client_2.2.4-1ubuntu1.5_amd64.deb
 5749f790563080b0986e744f113945499d90c58b6765158dd7590b3e236546a8 246084 gpg-wks-server-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 1af7a84b664e1d7af37170ee1c6e4fea240d088b704445c9cef65dc27af7dd39 85000 gpg-wks-server_2.2.4-1ubuntu1.5_amd64.deb
 707164338d5934162ecd90efdf978af592821eb900277eecba111f88dcd6fda4 468124 gpg_2.2.4-1ubuntu1.5_amd64.deb
 16071bda060ee4cf4cc3499fa9b12e2335d80842b63a32f3af18a51ce4eef48a 353744 gpgconf-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 66894cceca722534f0ff24ac949ece484b0b6dc41649117b65e4d7febb36bbae 123456 gpgconf_2.2.4-1ubuntu1.5_amd64.deb
 ff3110a4f9fc305ea3ba105950affd990632aba64ea180b6726d1e2c6902f797 587644 gpgsm-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 134c925ecff1a668e6999a9c3438a64e603e92de2a1b8e5019b04e7a96a5832c 214888 gpgsm_2.2.4-1ubuntu1.5_amd64.deb
 8d5d2566923ea29604c853329648c72ff2a198cdb5ef888c66161c20655ddbcb 600944 gpgv-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 03e555ed2672831fdc9fef2ad8d2336672f6692ea37642a03c14149574041591 638788 gpgv-static-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 ae6a703709decd183da1e0cba02e7ed6e59b78df2ab4aa059371622b241b4af4 929988 gpgv-static_2.2.4-1ubuntu1.5_amd64.deb
 57ff7231a0aba45177f212d0bf733e4ce43a749a148248e3386fc59014b6e245 188372 gpgv-udeb_2.2.4-1ubuntu1.5_amd64.udeb
 62fdd33fc94cef45b5cc55f91cd76299a858098438bf1ebc5552b61af560f7c9 466900 gpgv-win32_2.2.4-1ubuntu1.5_all.deb
 f8b57b5e69df639fc7e576220ef0512695b54fa58510023bdd3816b05b778021 4236 gpgv2_2.2.4-1ubuntu1.5_all.deb
 a6bf68af4c5184cc1255bd929356162a4653dbba7acedd7ee5af4561bfe1fdec 198468 gpgv_2.2.4-1ubuntu1.5_amd64.deb
 1eb2614bfdf2d080ed7e7fff2115fcf7a6a73d11b4c864fdd6777e7c9250a955 469048 scdaemon-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 fbcdc674f6ef81f169422de7858fbbf0a42d3cae607f0094d52ee6d4ef84d014 184692 scdaemon_2.2.4-1ubuntu1.5_amd64.deb
Files:
 c8ee5bc58ba04c893a047da012a2de67 906608 debug optional dirmngr-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 5fdb45bd6f75fee3dd242376c1983537 316676 utils optional dirmngr_2.2.4-1ubuntu1.5_amd64.deb
 99a641d2a811e1a7795ba1fab7fe0489 4872 oldlibs optional gnupg-agent_2.2.4-1ubuntu1.5_all.deb
 4346e5d5823b67cc6344448c24d5c328 50044 localization optional gnupg-l10n_2.2.4-1ubuntu1.5_all.deb
 52ae356ca4bdd5e29a0175a34660aa76 472796 debug optional gnupg-utils-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 ca1eea0ae58025902435b8bee0b6e71d 127724 utils optional gnupg-utils_2.2.4-1ubuntu1.5_amd64.deb
 0138862af73f0deedcf0d0037341031a 5300 oldlibs optional gnupg2_2.2.4-1ubuntu1.5_all.deb
 a1d8138932fc47d0cf6a8d928c6e134e 21445 utils optional gnupg2_2.2.4-1ubuntu1.5_amd64.buildinfo
 d49c61413e58c04e34df1496bd2e69a9 3540811 raw-translations - gnupg2_2.2.4-1ubuntu1.5_amd64_translations.tar.gz
 6cc18318c38b9b8bd1dab9ae9e84ddce 249320 utils optional gnupg_2.2.4-1ubuntu1.5_amd64.deb
 09ba6f2859529d9f5b127d8bac3b8194 958460 debug optional gpg-agent-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 351bbcb7b3f540365a8a4112dd82b950 227280 utils optional gpg-agent_2.2.4-1ubuntu1.5_amd64.deb
 3f10f9ccf5b77d3e9a987989d973f9cd 1308980 debug optional gpg-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 54302358560ad23fd47df8c73988c27b 269448 debug optional gpg-wks-client-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 1915b02c89ed84f9e1fbe0b36edf302a 91768 utils optional gpg-wks-client_2.2.4-1ubuntu1.5_amd64.deb
 bc5390721af15239d22e9009c91ecc62 246084 debug optional gpg-wks-server-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 8290a6d56ccf8d1ced1c766e4b82a848 85000 utils optional gpg-wks-server_2.2.4-1ubuntu1.5_amd64.deb
 0bf5553b2a8b28c2a0a299a4711e259a 468124 utils optional gpg_2.2.4-1ubuntu1.5_amd64.deb
 678f2d8d17acf306d270aa35dde7e539 353744 debug optional gpgconf-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 e41c42202b12a72a70c7be1788bbae5d 123456 utils optional gpgconf_2.2.4-1ubuntu1.5_amd64.deb
 7e087f754e9c26f3b49d6360b7d84bd9 587644 debug optional gpgsm-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 f6de3d007ed9083d49945d990f4daa10 214888 utils optional gpgsm_2.2.4-1ubuntu1.5_amd64.deb
 7c48f7bb8383b86bc225e5cf77866e0e 600944 debug optional gpgv-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 a4e8b26b0a65c660da93159b197d425c 638788 debug optional gpgv-static-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 b63cbd383810833c9c38f3f0ba40f47c 929988 utils optional gpgv-static_2.2.4-1ubuntu1.5_amd64.deb
 da3f305455e2c44461f6aa710b506b2e 188372 debian-installer optional gpgv-udeb_2.2.4-1ubuntu1.5_amd64.udeb
 edc46725eebfcb616e9ea0d0e3aea602 466900 utils optional gpgv-win32_2.2.4-1ubuntu1.5_all.deb
 5ee74af6906f8c99593cce6b8e6645c8 4236 oldlibs optional gpgv2_2.2.4-1ubuntu1.5_all.deb
 b810d60195c79caa6dc2513640fb905a 198468 utils important gpgv_2.2.4-1ubuntu1.5_amd64.deb
 d5deb635c9969235b9bf5be5924f3283 469048 debug optional scdaemon-dbgsym_2.2.4-1ubuntu1.5_amd64.ddeb
 3763209832aebcd74f783c5e40f3d7b2 184692 utils optional scdaemon_2.2.4-1ubuntu1.5_amd64.deb
Original-Maintainer: Debian GnuPG Maintainers <pkg-gnupg-maint@lists.alioth.debian.org>