Package: gnupg Version: 1.4.1-1.sarge3 Severity: grave Tags: security Hello James
I have not verified that any Debian version is affected but there was just a mail on a German newsticker that GnuPGs last release closes a security hole regarding too long user ids that lead to a crash when using --no-armor. More info is supposed to be here: http://lists.gnupg.org/pipermail/gnupg-announce/2006q2/000226.html bye, -christian- -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.6.8-3-686-smp Locale: LANG=de_DE, LC_CTYPE=de_DE (charmap=ISO-8859-15) (ignored: LC_ALL set to [EMAIL PROTECTED]) Versions of packages gnupg depends on: ii libbz2-1.0 1.0.2-7 high-quality block-sorting file co ii libc6 2.3.2.ds1-22sarge3 GNU C Library: Shared libraries an ii libldap2 2.1.30-8 OpenLDAP libraries ii libreadline5 5.0-10 GNU readline and history libraries ii libusb-0.1-4 2:0.1.10a-9.sarge.1 userspace USB programming library ii makedev 2.3.1-77 creates device files in /dev ii zlib1g 1:1.2.2-4.sarge.2 compression library - runtime -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]