----- Original Message ----- From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Sabtu, 11 Nopember 2000 8:53 Subject: [SECURITY] New version of gnupg installed > -----BEGIN PGP SIGNED MESSAGE----- > > - ------------------------------------------------------------------------ > Debian Security Advisory [EMAIL PROTECTED] > http://www.debian.org/security/ Wichert Akkerman > November 11, 2000 > - ------------------------------------------------------------------------ > > > Package: gnupg > Debian-specific: no > > The version of gnupg that was distributed in Debian GNU/Linux 2.2 had > a logic error in the code that checks for valid signatures which could > cause false positive results: Jim Small discovered that if the input > contained multiple signed sections the exit-code gnupg returned was > only valid for the last section, so improperly signed other sections > were not noticed. > > This has been fixed in version 1.0.4-1 and we recommend that you > upgrade your gnupg package to that version. Please note that this > version of gnupg includes the RSA code directly instead of relying on > the gpg-rsa package. This means that the "load-extension rsa" command > in ~/.gnupg/options is no longer needed and must be removed: gnupg > will not work correctly if it tries to load an extension that is not > present. > > > wget url > will fetch the file for you > dpkg -i file.deb > will install the referenced file. > > You may use an automated update by adding the resources from the > footer to the proper configuration. > > > Debian GNU/Linux 2.2 alias potato > - --------------------------------- > > Potato was released for the alpha, arm, i386, m68k, powerpc and sparc > architectures. > > Source archives: > http://security.debian.org/dists/stable/updates/main/source/gnupg_1.0.4-1.di ff.gz > MD5 checksum: bedf28e6875df5f632cbf1f210a653a4 > http://security.debian.org/dists/stable/updates/main/source/gnupg_1.0.4-1.ds c > MD5 checksum: 9d61f9b13287acb6b0dcf14cc80f8c64 > http://security.debian.org/dists/stable/updates/main/source/gnupg_1.0.4.orig .tar.gz > MD5 checksum: bef2267bfe9b74a00906a78db34437f9 > > Alpha architecture: > http://security.debian.org/dists/stable/updates/main/binary-alpha/gnupg_1.0. 4-1_alpha.deb > MD5 checksum: f572217d63102a55a9e4704aed9b1c9d > > ARM architecture: > http://security.debian.org/dists/stable/updates/main/binary-arm/gnupg_1.0.4- 1_arm.deb > MD5 checksum: eb43fb088b488002fa4c06c0d8d69eb2 > > Intel ia32 architecture: > http://security.debian.org/dists/stable/updates/main/binary-i386/gnupg_1.0.4 -1_i386.deb > MD5 checksum: ef2ed6b922db2ed215f2fb857db80730 > > Motorola 680x0 architecture: > http://security.debian.org/dists/stable/updates/main/binary-m68k/gnupg_1.0.4 -1_m68k.deb > MD5 checksum: 607202c40ec908fa2ab10b20a1235ff2 > > PowerPC architecture: > http://security.debian.org/dists/stable/updates/main/binary-powerpc/gnupg_1. 0.4-1_powerpc.deb > MD5 checksum: ade5f42869502dfb128bd2b6279ab111 > > Sun Sparc architecture: > http://security.debian.org/dists/stable/updates/main/binary-sparc/gnupg_1.0. 4-1_sparc.deb > MD5 checksum: 37a850c6363498f90d3f719ada8d71db > > > For not yet released architectures please refer to the appropriate > directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ . > > - -- > - ------------------------------------------------------------------------ ---- > apt-get: deb http://security.debian.org/ stable/updates main > dpkg-ftp:ftp://security.debian.org/debian-security dists/stable/updates/main > Mailing list: [EMAIL PROTECTED] > > -----BEGIN PGP SIGNATURE----- > Version: 2.6.3ia > Charset: noconv > > iQB1AwUBOgymIKjZR/ntlUftAQF8OwL/f8YTRvzhyTUTeqO2dB8vzi2LeKKogHTa > UUQU6c4zzlypmKF02ANzOPUah+s1mie+fIl8/lI201l3eJSLtWx5rXDKRlMqDYt/ > pbUrXP5HJqEg/PiY9vsKI6W2FiGX3tA4 > =zq14 > -----END PGP SIGNATURE----- > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -------------------------------------------------------------------------- Utk berhenti langganan, kirim email ke [EMAIL PROTECTED] Informasi arsip di http://www.linux.or.id/milis.php3 Pengelola dapat dihubungi lewat [EMAIL PROTECTED]
