[SECURITY] Fedora Core 5 Update: gnupg-1.4.4-2

Nalin Dahyabhai nalin at redhat.com
Fri Jun 30 20:22:13 UTC 2006

Fedora Update Notification

Product     : Fedora Core 5
Name        : gnupg
Version     : 1.4.4
Release     : 2
Summary     : A GNU utility for secure communication and data storage.
Description :
GnuPG (GNU Privacy Guard) is a GNU utility for encrypting data and
creating digital signatures. GnuPG has advanced key management
capabilities and is compliant with the proposed OpenPGP Internet
standard described in RFC2440. Since GnuPG doesn't use any patented
algorithm, it is not compatible with any version of PGP2 (PGP2.x uses
only IDEA for symmetric-key encryption, which is patented worldwide).

Update Information:

This update upgrades to upstream version 1.4.4, which places
a limit on the size of user ID packets, closing a possible
integer overflow (CVE-2006-3082).
* Mon Jun 26 2006 Nalin Dahyabhai <nalin at redhat.com> - 1.4.4-2
- rebuild
* Mon Jun 26 2006 Nalin Dahyabhai <nalin at redhat.com> - 1.4.4-1
- update to 1.4.4
* Tue Jun 20 2006 Nalin Dahyabhai <nalin at redhat.com> - 1.4.3-5
- rebuild
* Tue Jun 20 2006 Nalin Dahyabhai <nalin at redhat.com> - 1.4.3-4
- add patch from upstream to fix CVE-2006-3082 (#195946)

This update can be downloaded from:

4391691ad6ace3a49c9e9f296eed3b8eab0a3a4d  SRPMS/gnupg-1.4.4-2.src.rpm
4391691ad6ace3a49c9e9f296eed3b8eab0a3a4d  noarch/gnupg-1.4.4-2.src.rpm
5492c06b329214ae49349ef5312e231ed1e11ac0  ppc/debug/gnupg-debuginfo-1.4.4-2.ppc.rpm
040f852ed247e340ef5f05c93f88b7cd69348cc5  ppc/gnupg-1.4.4-2.ppc.rpm
106a9f8b82a69a7b16f3822f505aac95cdfc75fe  x86_64/debug/gnupg-debuginfo-1.4.4-2.x86_64.rpm
169e60290b1a234d2903092624d64d066d9f3081  x86_64/gnupg-1.4.4-2.x86_64.rpm
46a686db18fd2107fc9b60656a1bf57e05dcca28  i386/gnupg-1.4.4-2.i386.rpm
2555cf73d1571ed4dc10cbce630900ec4acdb0ef  i386/debug/gnupg-debuginfo-1.4.4-2.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.

More information about the package-announce mailing list