-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-2f259a6c0a 2019-07-18 17:55:37.801187 --------------------------------------------------------------------------------
Name : gnupg2 Product : Fedora 30 Version : 2.2.17 Release : 1.fc30 URL : http://www.gnupg.org/ Summary : Utility for secure communication and data storage Description : GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440 and the S/MIME standard as described by several RFCs.
GnuPG 2.0 is a newer version of GnuPG with additional support for S/MIME. It has a different design philosophy that splits functionality up into several modules. The S/MIME and smartcard functionality is provided by the gnupg2-smime package.
-------------------------------------------------------------------------------- Update Information:
Minor update to version 2.2.17 from upstream with a security issue (Certificate Spamming Attack) mitigation. -------------------------------------------------------------------------------- ChangeLog:
* Mon Jul 15 2019 Tom���� Mr��z tmraz@redhat.com - 2.2.17-1 - upgrade to 2.2.17 * Mon Jul 1 2019 Tom���� Mr��z tmraz@redhat.com - 2.2.16-1 - upgrade to 2.2.16 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1725437 - dirmngr endlessly receives service unavailable 503 error https://bugzilla.redhat.com/show_bug.cgi?id=1725437 [ 2 ] Bug #1726148 - CVE-2019-13050 gnupg2: GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack which leads to persistent DoS [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1726148 [ 3 ] Bug #1728322 - gnupg2-2.2.17 is available https://bugzilla.redhat.com/show_bug.cgi?id=1728322 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-2f259a6c0a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------