Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora Core 4: 2006-116 Critical Update for GnuPG 1.4.2.1 - Security Issue

fedora
Calendar Grey February 17, 2006
Dist Fedora Esm H88
Fedora Core 4's GnuPG upgrade addresses vital vulnerabilities related to encryption and digital signing features, enhancing the security of communications.
The GNU Privacy Guard provides encryption and signing for messages and arbitrary files, and implements the OpenPGP standard as described by IETF RFC2440.

Summary

GnuPG (GNU Privacy Guard) is a GNU utility for encrypting data and

creating digital signatures. GnuPG has advanced key management

capabilities and is compliant with the proposed OpenPGP Internet

standard described in RFC2440. Since GnuPG doesn't use any patented

algorithm, it is not compatible with any version of PGP2 (PGP2.x uses

only IDEA for symmetric-key encryption, which is patented worldwide).

The GNU Privacy Guard provides encryption and signing for

messages and arbitrary files, and implements the OpenPGP

standard as described by IETF RFC2440.

Version 1.4.2 of GnuPG would in some cases erroneously exit

with status 0 (signalling no errors) if it was invoked to

check a signature but found no signature to check. This

should be corrected in version 1.4.2.1.

- update to 1.4.2.1 (fixes CVE-2006-0455)

* Fri Feb 10 2006 Jesse Keating - 1.4.2-3.2.1

- bump again for double-long bug on ppc(64)

* Tue Feb 7 2006 Jesse Keating - 1.4.2-3.2

- rebuilt for new gcc4.1 snapshot and glibc changes

* Fri Dec 9 2005 Jesse Keating

- rebuilt

* Tue Aug 9 2005 Nalin Dahyabhai 1.4.2-3

- don't override libexecdir any more; we don't need to (#165462)

* Thu Aug 4 2005 Nalin Dahyabhai 1.4.2-2

- pull in David Shaw's fix for key generation in batch mode

* Fri Jul 29 2005 Nalin Dahyabhai

- change %post to check if the info files are there before attempting to

add or remove them from the info index (#91641)

* Wed Jul 27 2005 Nalin Dahyabhai 1.4.2-1

- update to 1.4.2

a1a4ce41efd41cb8ade2b4413072fb4c00e8b9e3 SRPMS/gnupg-1.4.2.1-1.src.rpm

1be912b956a9c001a8a24a4cadbaee4351710bfb ppc/gnupg-1.4.2.1-1.ppc.rpm

644518c6e8d05280b091d12fe9c9e541666cc47a ppc/debug/gnupg-debuginfo-1.4.2.1-1.ppc.rpm

5dd455f66408bb0b1a5080077595f45e14848fd7 x86_64/gnupg-1.4.2.1-1.x86_64.rpm

f1d7b3d77fa9f6bdae07a10a5edcf9b15c777934 x86_64/debug/gnupg-debuginfo-1.4.2.1-1.x86_64.rpm

601f36c75b78f96fe1d921edde19343997b3827e i386/gnupg-1.4.2.1-1.i386.rpm

e10f5c5707b4ba7ba65da4fdc08013af111fbedc i386/debug/gnupg-debuginfo-1.4.2.1-1.i386.rpm

This update can be installed with the 'yum' update program. Use 'yum update

package-name' at the command line. For more information, refer to 'Managing

Software with yum,' available at .

fedora-announce-list mailing list

fedora-announce-list@redhat.com

Topics%20covered

Topics Covered

security advisory Fedora critical update GnuPG encryption issue data signing secure communication

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Name: gnupg
Version: 1.4.2.1
Release: 1
Summary: A GNU utility for secure communication and data storage.

Topics%20covered

Topics Covered

security advisory Fedora critical update GnuPG encryption issue data signing secure communication

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here