=========================================================== 
Ubuntu Security Notice USN-389-1          November 29, 2006
gnupg vulnerability
http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html
==========================================================
A security issue affects the following Ubuntu releases:

Ubuntu 5.10
Ubuntu 6.06 LTS
Ubuntu 6.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.10:
  gnupg                                    1.4.1-1ubuntu1.5

Ubuntu 6.06 LTS:
  gnupg                                    1.4.2.2-1ubuntu2.3

Ubuntu 6.10:
  gnupg                                    1.4.3-2ubuntu3.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

A buffer overflow was discovered in GnuPG.  By tricking a user into 
running gpg interactively on a specially crafted message, an attacker 
could execute arbitrary code with the user's privileges.  This 
vulnerability is not exposed when running gpg in batch mode.


Updated packages for Ubuntu 5.10:

  Source archives:

          Size/MD5:    21914 9c398c7ad981984ce7e2d5c73d39646c
          Size/MD5:      684 99674acf9842bede50bfc9cee94233bc
          Size/MD5:  4059170 1cc77c6943baaa711222e954bbd785e5

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

          Size/MD5:  1136516 6f95cee543adea0d34af0db0270e8301
          Size/MD5:   152280 91e6fec1a7cac200e6607a5aca8e283c

  i386 architecture (x86 compatible Intel/AMD)

          Size/MD5:  1044704 511314c5de795b3f732fbc48fa9bc245
          Size/MD5:   130672 c2af84edf925cf93e92df0afd1747a8b

  powerpc architecture (Apple Macintosh G3/G4/G5)

          Size/MD5:  1119908 d942ad0abd5921bb771fd6180d32f28b
          Size/MD5:   140214 ac880f5f3a32fe0bba76d61ef5374f61

  sparc architecture (Sun SPARC/UltraSPARC)

          Size/MD5:  1064488 49125a2b181ce9e4ca22b67b6712b153
          Size/MD5:   139606 f97c2b5b2f406afb0cc8478df8529a1c

Updated packages for Ubuntu 6.06 LTS:

  Source archives:

          Size/MD5:    20808 4208a73338b5624d39f355e553927548
          Size/MD5:      690 858b47da7b535136aa99ab7ccbd2aaef
          Size/MD5:  4222685 50d8fd9c5715ff78b7db0e5f20d08550

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

          Size/MD5:  1066374 7e03df9183620a5c23db7caefb3f5b2b
          Size/MD5:   140312 9384b3aa9a950db2bb80ad20f820529c

  i386 architecture (x86 compatible Intel/AMD)

          Size/MD5:   981392 75eba5633769eb5c8e4fbd863d0ffed9
          Size/MD5:   120284 5ab02d409b4b475657f5c52081d3ccf9

  powerpc architecture (Apple Macintosh G3/G4/G5)

          Size/MD5:  1053850 43d575debcff4457419d48f78d164449
          Size/MD5:   130154 9491f62000cc12df6f23b8d66fd97859

  sparc architecture (Sun SPARC/UltraSPARC)

          Size/MD5:   994040 09848e3252cae2efeefeef913e4ef9d5
          Size/MD5:   127412 56d3912d3002bf3f0377a6437a6f851c

Updated packages for Ubuntu 6.10:

  Source archives:

          Size/MD5:    25822 be04724ca7e6d4dcf2a016ebe2d4bd25
          Size/MD5:      697 446e892916ea052627a78152037651d9
          Size/MD5:  4320394 fcdf572a33dd037653707b128dd150a7

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

          Size/MD5:   379748 635660a16621f2d7cc752e61cf926208
          Size/MD5:  1112036 daa0230d7072a2b25996d5ef387d5312
          Size/MD5:   142628 db13e0940956c59d2efd2467e30dd27c

  i386 architecture (x86 compatible Intel/AMD)

          Size/MD5:   357538 0cfa39e8bf18bd48991298bc01a733ec
          Size/MD5:  1055538 67ba9574b18247de52f32ba976d941ef
          Size/MD5:   129146 1fb42163be150d7fa7b73dfcbfbcb244

  powerpc architecture (Apple Macintosh G3/G4/G5)

          Size/MD5:   372472 f2b7b44029ff56d7911590d4285be8bd
          Size/MD5:  1107214 8ac1d1de40130c0b61334fde37692c9b
          Size/MD5:   136288 023825eced954075f8e3443a227a5aa3

  sparc architecture (Sun SPARC/UltraSPARC)

          Size/MD5:   366138 d98c8c252f725be2895a99a2f1ffd23d
          Size/MD5:  1042190 01e8b454133f351081d6fab5fdea0443
          Size/MD5:   132764 d961891ab18f423819b766f3ce670e39


--obAtV4On+KRLREo5
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFbgtVH/9LqRcGPm0RAsEtAJ4y914Prb5EBRhSF5QptHKB7DFTCwCfbaeP
OvQU1zQzB4esi5TjLxYOT1M=l8ec
-----END PGP SIGNATURE-------obAtV4On+KRLREo5--
--==============29773653=Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--==============29773653==--

Ubuntu: GnuPG vulnerability USN-432-1

November 29, 2006
A buffer overflow was discovered in GnuPG

Summary

Update Instructions

References

Severity
Ubuntu Security Notice USN-389-1 November 29, 2006

Package Information

Related News

24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved