Fedora Core 5 Update: gnupg-1.4.5-2
Summary
GnuPG (GNU Privacy Guard) is a GNU utility for encrypting data and
creating digital signatures. GnuPG has advanced key management
capabilities and is compliant with the proposed OpenPGP Internet
standard described in RFC2440. Since GnuPG doesn't use any patented
algorithm, it is not compatible with any version of PGP2 (PGP2.x uses
only IDEA for symmetric-key encryption, which is patented worldwide).
This update upgrades GnuPG to version 1.4.5 to correct
errors in the parsing of certain types of packets.
- rebuild
- reenable curl support
* Tue Aug 1 2006 Nalin Dahyabhai
- update to 1.4.5, fixing additional size overflows in packet parsing (#200904,
CVE-2006-3746)
- temporarily disable curl support again
* Fri Jul 28 2006 Nalin Dahyabhai
- update to 1.4.5rc1 to check for build problems, but mark it as 1.4.4.90
to avoid looking "newer" than the eventual 1.4.5
- because we call aclocal, buildrequire gettext-devel to get AM_GNU_GETTEXT
* Thu Jul 20 2006 Nalin Dahyabhai
- add BuildPrereq on curl-devel to get curl's ipv6 support (#198375)
* Wed Jul 12 2006 Nalin Dahyabhai
- fix a cast in gpgkeys_hkp to avoid tripping stack smashing or buffer overflow
detection (#198612)
* Wed Jul 12 2006 Jesse Keating
- rebuild
* Wed Jul 5 2006 Nalin Dahyabhai
- try again using per-platform buildprereq (jkeating)
* Wed Jul 5 2006 Nalin Dahyabhai
- buildprereq libusb-devel, so that we get CCID support back (#197450)
* Mon Jun 26 2006 Nalin Dahyabhai
- rebuild
* Mon Jun 26 2006 Nalin Dahyabhai
- rebuild
* Mon Jun 26 2006 Nalin Dahyabhai
- update to 1.4.4
* Tue Jun 20 2006 Nalin Dahyabhai
- rebuild
* Tue Jun 20 2006 Nalin Dahyabhai
- add patch from upstream to fix CVE-2006-3082 (#195946)
dab417f77fefbf6d15ede1e8dcf6fb580d10f444 SRPMS/gnupg-1.4.5-2.src.rpm
dab417f77fefbf6d15ede1e8dcf6fb580d10f444 noarch/gnupg-1.4.5-2.src.rpm
581d146dbae9924c3c73259382adb66c2ec1dea3 ppc/debug/gnupg-debuginfo-1.4.5-2.ppc.rpm
d0007f76d5e0c52b707ea67ee0de990dd56931c0 ppc/gnupg-1.4.5-2.ppc.rpm
419fc0100d2478ed05b4e1b0d89148fcd1225638 x86_64/gnupg-1.4.5-2.x86_64.rpm
e333312919512cf61b7dd80e8420cf9dea5ab183 x86_64/debug/gnupg-debuginfo-1.4.5-2.x86_64.rpm
6bf8b9b0f0bf974aeefd5dcfa9a7df9e4121b275 i386/debug/gnupg-debuginfo-1.4.5-2.i386.rpm
34b154d18c91fc305f824bf71e4151d7bd3f2f64 i386/gnupg-1.4.5-2.i386.rpm
This update can be installed with the 'yum' update program. Use 'yum update
package-name' at the command line. For more information, refer to 'Managing
Software with yum,' available at .
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce
FEDORA-2006-868 2006-08-02 Name : gnupg Version : 1.4.5 Release : 2 Summary : A GNU utility for secure communication and data storage. Description : GnuPG (GNU Privacy Guard) is a GNU utility for encrypting data and creating digital signatures. GnuPG has advanced key management capabilities and is compliant with the proposed OpenPGP Internet standard described in RFC2440. Since GnuPG doesn't use any patented algorithm, it is not compatible with any version of PGP2 (PGP2.x uses only IDEA for symmetric-key encryption, which is patented worldwide). This update upgrades GnuPG to version 1.4.5 to correct errors in the parsing of certain types of packets. - rebuild - reenable curl support * Tue Aug 1 2006 Nalin Dahyabhai - 1.4.5-1 - update to 1.4.5, fixing additional size overflows in packet parsing (#200904, CVE-2006-3746) - temporarily disable curl support again * Fri Jul 28 2006 Nalin Dahyabhai - 1.4.4.90-1 - update to 1.4.5rc1 to check for build problems, but mark it as 1.4.4.90 to avoid looking "newer" than the eventual 1.4.5 - because we call aclocal, buildrequire gettext-devel to get AM_GNU_GETTEXT * Thu Jul 20 2006 Nalin Dahyabhai - 1.4.4-7 - add BuildPrereq on curl-devel to get curl's ipv6 support (#198375) * Wed Jul 12 2006 Nalin Dahyabhai - 1.4.4-6 - fix a cast in gpgkeys_hkp to avoid tripping stack smashing or buffer overflow detection (#198612) * Wed Jul 12 2006 Jesse Keating - 1.4.4-5.1 - rebuild * Wed Jul 5 2006 Nalin Dahyabhai - 1.4.4-5 - try again using per-platform buildprereq (jkeating) * Wed Jul 5 2006 Nalin Dahyabhai - 1.4.4-4 - buildprereq libusb-devel, so that we get CCID support back (#197450) * Mon Jun 26 2006 Nalin Dahyabhai - 1.4.4-3 - rebuild * Mon Jun 26 2006 Nalin Dahyabhai - 1.4.4-2 - rebuild * Mon Jun 26 2006 Nalin Dahyabhai - 1.4.4-1 - update to 1.4.4 * Tue Jun 20 2006 Nalin Dahyabhai - 1.4.3-5 - rebuild * Tue Jun 20 2006 Nalin Dahyabhai - 1.4.3-4 - add patch from upstream to fix CVE-2006-3082 (#195946) dab417f77fefbf6d15ede1e8dcf6fb580d10f444 SRPMS/gnupg-1.4.5-2.src.rpm dab417f77fefbf6d15ede1e8dcf6fb580d10f444 noarch/gnupg-1.4.5-2.src.rpm 581d146dbae9924c3c73259382adb66c2ec1dea3 ppc/debug/gnupg-debuginfo-1.4.5-2.ppc.rpm d0007f76d5e0c52b707ea67ee0de990dd56931c0 ppc/gnupg-1.4.5-2.ppc.rpm 419fc0100d2478ed05b4e1b0d89148fcd1225638 x86_64/gnupg-1.4.5-2.x86_64.rpm e333312919512cf61b7dd80e8420cf9dea5ab183 x86_64/debug/gnupg-debuginfo-1.4.5-2.x86_64.rpm 6bf8b9b0f0bf974aeefd5dcfa9a7df9e4121b275 i386/debug/gnupg-debuginfo-1.4.5-2.i386.rpm 34b154d18c91fc305f824bf71e4151d7bd3f2f64 i386/gnupg-1.4.5-2.i386.rpm This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at . Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce
Change Log
References
Update Instructions
