Package: gnupg
Version: 1.4.1-1sarge1
Severity: grave
Justification: user security hole
Tags: security
*** Please type your report below this line ***
The gnupg update announced in DSA-978-1 does not install on an amd64
stable system, because on amd64 only, there exists a version 1.4.1-1.0.1
This version is (from the changelog)
gnupg (1.4.1-1.0.1) unstable; urgency=low
* BinNMU to get the depedencyies on libusb and libreadline, they were
missing in the last upload.
-- Kurt Roeckx <[EMAIL PROTECTED]> Wed, 18 May 2005 22:19:13 +0200
It seems that the necessary fix is a 1.4.1-1.0.1sarge1 on amd64 only,
which should be a simple re-build of 1.4.1-1sarge1 with the required
changed dependencies.
I've rated this as grave because it currently means amd64 stable users
who track security won't get the security update.
-- System Information:
Debian Release: 3.1
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.7-5-amd64-k8-smp
Locale: LANG=en_AU, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages gnupg depends on:
ii libbz2-1.0 1.0.2-7 high-quality block-sorting
file co
ii libc6 2.3.2.ds1-22 GNU C Library: Shared
libraries an
ii libldap2 2.1.30-8 OpenLDAP libraries
ii libreadline5 5.0-10 GNU readline and history
libraries
ii libusb-0.1-4 2:0.1.10a-9.sarge.1 userspace USB programming
library
ii makedev 2.3.1-77 creates device files in /dev
ii zlib1g 1:1.2.2-4.sarge.2 compression library - runtime
-- no debconf information
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
