Fedora 28: gnupg2 Security Update 2018-da6a17e6a3
Summary
GnuPG is GNU's tool for secure communication and data storage. It can
be used to encrypt data and to create digital signatures. It includes
an advanced key management facility and is compliant with the proposed
OpenPGP Internet standard as described in RFC2440 and the S/MIME
standard as described by several RFCs.
GnuPG 2.0 is a newer version of GnuPG with additional support for
S/MIME. It has a different design philosophy that splits
functionality up into several modules. The S/MIME and smartcard functionality
is provided by the gnupg2-smime package.
Minor update from upstream with fix for CVE-2018-9234 and other bug fixes.
[ 1 ] Bug #1563931 - CVE-2018-9234 gnupg2: GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signing subkeys [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1563931
[ 2 ] Bug #1565387 - gnupg2-2.2.6 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1565387
su -c 'dnf upgrade gnupg2' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
FEDORA-2018-da6a17e6a3 2018-04-15 02:32:41.338261 Product : Fedora 28 Version : 2.2.6 Release : 1.fc28 URL : http://www.gnupg.org/ Summary : Utility for secure communication and data storage Description : GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440 and the S/MIME standard as described by several RFCs. GnuPG 2.0 is a newer version of GnuPG with additional support for S/MIME. It has a different design philosophy that splits functionality up into several modules. The S/MIME and smartcard functionality is provided by the gnupg2-smime package. Minor update from upstream with fix for CVE-2018-9234 and other bug fixes. [ 1 ] Bug #1563931 - CVE-2018-9234 gnupg2: GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signing subkeys [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1563931 [ 2 ] Bug #1565387 - gnupg2-2.2.6 is available https://bugzilla.redhat.com/show_bug.cgi?id=1565387 su -c 'dnf upgrade gnupg2' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Change Log
References