Package: dirmngr Version: 1.1.0-1 Severity: important Tags: patch, security
At least dirmngr 1.1.0-1 has a defect that it can hang. This can cause a denial of service for other users and applications, as dirmngr is a system service serving several requests. For example the KMail hung when trying to verify a signature which has the certificate in the chain that is attached to the report which has all details: https://bugs.g10code.com/gnupg/issue1313 (dirmngr unresponsive when waiting for some http CRL connect() -> ping and other requests fail) here is the patch rev 347 that fixes the issue: http://cvs.gnupg.org/cgi-bin/viewcvs.cgi?root=Dirmngr&view=rev http://files.kolab.org/apt/releases/dists/lenny/unstable/source/ has the following files that already contain a fixed package for Lenny: dirmngr_1.1.0+r347-0kk1.diff.gz 19-May-2011 10:59 dirmngr_1.1.0+r347-0kk1.dsc 19-May-2011 10:59 dirmngr_1.1.0+r347.orig.tar.gz Best, Bernhard -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org