-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 24 Jun 2014 11:21:36 +0200 Source: gnupg Binary: gnupg gnupg-curl gpgv gnupg-udeb gpgv-udeb gpgv-win32 Architecture: source all amd64 Version: 1.4.12-7+deb7u4 Distribution: wheezy-security Urgency: high Maintainer: Debian GnuPG-Maintainers <[email protected]> Changed-By: Salvatore Bonaccorso <[email protected]> Description: gnupg - GNU privacy guard - a free PGP replacement gnupg-curl - GNU privacy guard - a free PGP replacement (cURL) gnupg-udeb - GNU privacy guard - a free PGP replacement (udeb) gpgv - GNU privacy guard - signature verification tool gpgv-udeb - minimal signature verification tool (udeb) gpgv-win32 - GNU privacy guard - signature verification tool (win32 build) Closes: 752497 Changes: gnupg (1.4.12-7+deb7u4) wheezy-security; urgency=high . * Non-maintainer upload by the Security Team. * CVE-2014-4617: Avoid DoS due to garbled compressed data packets. Apply upstream commit to stop a possible DoS using garbled compressed data packets which can be used to put gpg into an infinite loop. (Closes: #752497) Checksums-Sha1: 61f290cbbafd310f455d9acac9e743b902711322 2324 gnupg_1.4.12-7+deb7u4.dsc bf4ac31553ac27d3709ed89acf55385c6f8004ac 104243 gnupg_1.4.12-7+deb7u4.debian.tar.gz 0f056402e05f249064a371c2b5e29ca918f7e391 614400 gpgv-win32_1.4.12-7+deb7u4_all.deb 32ca4b4faee03b5f166372b4115753b434c33d7e 1953538 gnupg_1.4.12-7+deb7u4_amd64.deb b5e7e7e1ed23a714feed0dda12dc92c547077ee5 64104 gnupg-curl_1.4.12-7+deb7u4_amd64.deb c031378a5ed0aa4ffa34f8f6245d6063749cc5d9 226674 gpgv_1.4.12-7+deb7u4_amd64.deb 78e8ea13ff478adda308b9322b47b74454ae106b 352888 gnupg-udeb_1.4.12-7+deb7u4_amd64.udeb 2c85fc453625c7091a06a31a2afbe6639eff7a92 129738 gpgv-udeb_1.4.12-7+deb7u4_amd64.udeb Checksums-Sha256: 31f9cfe4e94d25311d1530c4ed9dab6e7a1dc28cc3ad10bc30719101958009eb 2324 gnupg_1.4.12-7+deb7u4.dsc 11745cb3e5c89735957b55d46b8cd36470d0dfbca300fa28134216584ef4fa84 104243 gnupg_1.4.12-7+deb7u4.debian.tar.gz 2d6955dcec3ef31b02ba8d56171528c6f8f2dc9a0e274ba1b057ec372f4936d3 614400 gpgv-win32_1.4.12-7+deb7u4_all.deb c5d30fb81ed2b20b8de140a6193214895dd751e223d0513f08c789276ba859ad 1953538 gnupg_1.4.12-7+deb7u4_amd64.deb 8f021ee545a71efc7cc7c89f98ffe1ad7520f6d19a3250c6158bc27c9cbbbbc1 64104 gnupg-curl_1.4.12-7+deb7u4_amd64.deb 6bae5b6125d3a1d8d453d316c6c3f7236ae154b477475c15db912c2ffe194398 226674 gpgv_1.4.12-7+deb7u4_amd64.deb 88386a304eaa9666f361f942bba33f0b7854cf07f711f6e7f0b008136489fcef 352888 gnupg-udeb_1.4.12-7+deb7u4_amd64.udeb 13c4f31f5036e83c906dab5f116366452f8d6ceff47c1d2c64b3999c0411439e 129738 gpgv-udeb_1.4.12-7+deb7u4_amd64.udeb Files: 580b486123beef6ea35e0927dd535301 2324 utils important gnupg_1.4.12-7+deb7u4.dsc 25786cbe082755577e84b8fe89676abd 104243 utils important gnupg_1.4.12-7+deb7u4.debian.tar.gz 0f85528f49d858ba8f10a88284d22df4 614400 utils extra gpgv-win32_1.4.12-7+deb7u4_all.deb 156e30ec6d669421f6ef299cc6b639ea 1953538 utils important gnupg_1.4.12-7+deb7u4_amd64.deb 4bdd3c55c2d7e0321020acd806425197 64104 utils optional gnupg-curl_1.4.12-7+deb7u4_amd64.deb 7cfeaee9c167eef422b4db95994be384 226674 utils important gpgv_1.4.12-7+deb7u4_amd64.deb c4773c274790971679bf9473ad76b14b 352888 debian-installer extra gnupg-udeb_1.4.12-7+deb7u4_amd64.udeb e05b2bfcd7fedb7442de65f59237db73 129738 debian-installer extra gpgv-udeb_1.4.12-7+deb7u4_amd64.udeb
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJTqY55AAoJEAVMuPMTQ89EjQ4P/RjeQf3X1ccyCamxyqe+75Dn R9h+FIUt52Hh3yTIuNByD3P8Z1hdirYJVWHGNCWQ2WU6hUodzKWHTewcPf6io5+a zVBDkKZnRSGxofYmQk4H3O66utV1JPm/1KbCUkq2gzOA/RjoRsr9kzB59a3BgFmG v9rr6SQOeWjAQ0Mxq4iTmBwF3d0SBggOCwicfcECCcnj7OWWdG+v1o0y5Yjza8K1 fKEzlt8I0hM0upT/gnaU8DyKtp3lgF7AF0bC5OEwE7Tx7YlGU17LdgI/VM1P3cny cqBty028Vkg3DUMjAviHc96Ppqk2pxagYsaRWv7jFT2XEfDGUTFpH4kH/kuNnucj y3ao/QgO0cU5LG85XYxyocuFTwT6dbz1TGJVngfZVTFL0eLZt6lb0uoG6I3A02Ts VPumkv5HyEph+rr9POnxGXbq5gLOSVKylcSkr90xexIufiGA3asvWdfhgdN8+wyl TDD1GhQ8lEsX6wl7R1KmyMg/5MzhyvxZuDJKsLU41xYUN/uzbYNDiX+Jgn9DFf42 KykXofqGF9tUB9/0YFN7nZZWrpIJz08Pv6GLEhTxxQyZOyfEw6vPcLihg32mKclT bq61KHVYqvvSpTtBO6W2grXertzO+cU1/TCALkY+mugl4VxtcO9RilB4G13jgs6o XypXmViClbCkb6c1v8Za =JYTB -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: https://lists.debian.org/[email protected]
