Format: 1.8 Date: Fri, 27 Mar 2015 08:16:53 -0400 Source: gnupg2 Binary: gnupg-agent scdaemon gpgsm gnupg2 gpgv2 Architecture: arm64 arm64_translations Version: 2.0.24-1ubuntu2.2 Distribution: utopic Urgency: medium Maintainer: Ubuntu Build Daemon Changed-By: Marc Deslauriers Description: gnupg-agent - GNU privacy guard - password agent gnupg2 - GNU privacy guard - a free PGP replacement (new v2.x) gpgsm - GNU privacy guard - S/MIME version gpgv2 - GNU privacy guard - signature verification tool (new v2.x) scdaemon - GNU privacy guard - smart card support Launchpad-Bugs-Fixed: 1371766 1421640 Changes: gnupg2 (2.0.24-1ubuntu2.2) utopic-security; urgency=medium . * Fix screening responses from keyservers (LP: #1421640) - d/p/0002-Make-screening-of-keyserver-result-work-with-multi-k.patch - d/p/0003-Add-kbnode_t-for-easier-backporting.patch - d/p/0004-gpg-Fix-regression-due-to-the-keyserver-import-filte.patch * Fix large key size regression from CVE-2014-5270 changes (LP: #1371766) - d/p/Add-build-and-runtime-support-for-larger-RSA-key.patch - debian/rules: build with --enable-large-secmem * SECURITY UPDATE: invalid memory read via invalid keyring - debian/patches/CVE-2015-1606.patch: skip all packets not allowed in a keyring in g10/keyring.c. - CVE-2015-1606 * SECURITY UPDATE: memcpy with overlapping ranges - debian/patches/CVE-2015-1607.patch: use inline functions to convert buffer data to scalars in common/iobuf.c, g10/build-packet.c, g10/getkey.c, g10/keyid.c, g10/main.h, g10/misc.c, g10/parse-packet.c, g10/tdbio.c, g10/trustdb.c, include/host2net.h, kbx/keybox-dump.c, kbx/keybox-openpgp.c, kbx/keybox-search.c, kbx/keybox-update.c, scd/apdu.c, scd/app-openpgp.c, scd/ccid-driver.c, scd/pcsc-wrapper.c, tools/ccidmon.c. - CVE-2015-1607 Checksums-Sha1: 6f31f4c0aa2cda6d619b4ed7212bb6a0db6398cf 191784 gnupg-agent_2.0.24-1ubuntu2.2_arm64.deb d793a249ab4cbd366a627e834945ea90fc451912 137668 scdaemon_2.0.24-1ubuntu2.2_arm64.deb 5b823561a81ca91ee57279fe78f6bd81c11fa5ff 164558 gpgsm_2.0.24-1ubuntu2.2_arm64.deb 3774bd85b1fb32b35412718b532660bd58fac860 618106 gnupg2_2.0.24-1ubuntu2.2_arm64.deb 9ff2589ee82cc84faf15da66ee405125a430ce26 130350 gpgv2_2.0.24-1ubuntu2.2_arm64.deb 37bd6a063db323020628a6873d9467f9f623327f 3069852 gnupg2_2.0.24-1ubuntu2.2_arm64_translations.tar.gz Checksums-Sha256: 0c7ce30d195729bf21384442c1db0d2e10b33cec325266626027b6a27c57c5b2 191784 gnupg-agent_2.0.24-1ubuntu2.2_arm64.deb 86f68bddac73f12201abcdef4044a14cc05137f045dbd86375ca9dbcf0e75d24 137668 scdaemon_2.0.24-1ubuntu2.2_arm64.deb ed7eab5eccda32dec00e0a19feb7fa44a2679f1976034182d0c71454045c9a47 164558 gpgsm_2.0.24-1ubuntu2.2_arm64.deb 19f909594eaeb3da74210bd9876df10046977f0d0d041d4b459deccad8be4f94 618106 gnupg2_2.0.24-1ubuntu2.2_arm64.deb 1fdb4c74194481f6b85dffa2d84652f61c09c09eaa0a4298fc395ec224c3e542 130350 gpgv2_2.0.24-1ubuntu2.2_arm64.deb 05ec230991f48afe026703698ceb553815132d57a251b8fa3d2a08a837d8dfed 3069852 gnupg2_2.0.24-1ubuntu2.2_arm64_translations.tar.gz Files: 18d32ef39d0cbb53bffd46ed3708a507 191784 utils optional gnupg-agent_2.0.24-1ubuntu2.2_arm64.deb 21e7c490840efd6444cec037cc6fe3c5 137668 utils optional scdaemon_2.0.24-1ubuntu2.2_arm64.deb c6d6a96b9c3b649624fbc9196d57e5db 164558 utils optional gpgsm_2.0.24-1ubuntu2.2_arm64.deb 061ca01b6d77e5d5ec8f8d0e9c0cfbed 618106 utils optional gnupg2_2.0.24-1ubuntu2.2_arm64.deb e664240e3d09d7fdf6f0c9b78d5a89cd 130350 utils optional gpgv2_2.0.24-1ubuntu2.2_arm64.deb bc6748fbbedb25ec09b3e962478f035d 3069852 raw-translations - gnupg2_2.0.24-1ubuntu2.2_arm64_translations.tar.gz Original-Maintainer: Eric Dorland