Debian 2.2: 1.0.4-1 Moderate: GnuPG Logic Error in Signature Check
debian
November 10, 2000
The version of gnupg that was distributed in Debian GNU/Linux 2.2 hada logic error in the code that checks for valid signatures which couldcause false positive results:
Summary
This has been fixed in version 1.0.4-1 and we recommend that you
upgrade your gnupg package to that version. Please note that this
version of gnupg includes the RSA code directly instead of relying on
the gpg-rsa package. This means that the "load-extension rsa" command
in ~/.gnupg/options is no longer needed and must be removed: gnupg
will not work correctly if it tries to load an extension that is not
present.
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 2.2 alias potato
architectures.
Source archives:
MD5 checksum: bedf28e6875df5f632cbf1f210a653a4
MD5 checksum: 9d61f9b13287acb6b0dcf14cc80f8c64
MD5 checksum: bef2267bfe9b74a00906a78db34437f9
Alpha architecture:
MD5 checksum: f572217d63102a55a9e4704aed9b1c9d
ARM architecture:
M...
PREVIOUS
NEXT
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!