subject:"\[SECURITY\] \[DSA 2968\-1\] gnupg2 security update"

Re: [SECURITY] [DSA 2968-1] gnupg2 security update

2014-06-30 Thread Daniel Thomas Hasbrouck

 what should I do with the Above gobble-D-GOOK? even my usb Flashdrives
Are wiped!, (not by me!).


On Fri, Jun 27, 2014 at 1:14 AM, Salvatore Bonaccorso car...@debian.org
wrote:

 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA512

 - -
 Debian Security Advisory DSA-2968-1   secur...@debian.org
 http://www.debian.org/security/  Salvatore Bonaccorso
 June 27, 2014  http://www.debian.org/security/faq
 - -

 Package: gnupg2
 CVE ID : CVE-2014-4617
 Debian Bug : 752498

 Jean-Rene Reinhard, Olivier Levillain and Florian Maury reported that
 GnuPG, the GNU Privacy Guard, did not properly parse certain garbled
 compressed data packets. A remote attacker could use this flaw to mount
 a denial of service against GnuPG by triggering an infinite loop.

 For the stable distribution (wheezy), this problem has been fixed in
 version 2.0.19-2+deb7u2.

 For the testing distribution (jessie), this problem has been fixed in
 version 2.0.24-1.

 For the unstable distribution (sid), this problem has been fixed in
 version 2.0.24-1.

 We recommend that you upgrade your gnupg2 packages.

 Further information about Debian Security Advisories, how to apply
 these updates to your system and frequently asked questions can be
 found at: http://www.debian.org/security/

 Mailing list: debian-security-annou...@lists.debian.org
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1

 iQIcBAEBCgAGBQJTrSUZAAoJEAVMuPMTQ89ExOEP/1Ycmnphx4Quq4BvlIFM8EbR
 vhH2tfBSUr4VAgik2AkGKOUTaci6qJLrs9Sf4lGnjobTXFn8+BitNiO3AFn2wIq1
 eIqosXZxUflNquCvSyfxjid8MuJk7DOzSca8QENlTQfDKk+5LpWGfKM1I2dKSvOh
 Q4KTfcQU6nM17Epczj6eAUDqGdX+I5qPBJLTD5Cc+t9eOy2Erdaj+NWUc/lBDjgo
 oQDw/ytZLzI5AwJoc1dAtQR0pEbNlBXrGOs9p1+8VdZ4V7cNjkPJLtsHZj0d+M8o
 0/4IsKQEM4Fzu4nrjTiiLDpf2+tYqHMtst9AzY0Hf1gaZAGA0Sdx5Kvts5zBSfz8
 WbiKTZvvLqgkWUOdxqIf9/tT6tbr8vkuNPdtcBnvyIM8fb4MiXcBBbhG03fTgvpr
 f776rjk6Y3IWHp0RhNBn8Lep4YGExzyoKikTqUjQoHcMGVhCBtcAfTnLlCKc8IVz
 UPyp0gzv1GTrMeZq8riyLckBpBMTf0i8bEncK/0buyBwDevjdFGSUoBh+hsqtktV
 dUYNTLpSJoqAAbWCqytiPQ7A6VP5IyuXmUcn1vIFTV9gGFsChpIJFQ/Y298X6xM6
 u+Z7NhZjcrvfGy+I7Hcv1q1tHQszdvPJZc46dFBKhpupKA+swvg3iG4FbTxNPOH1
 kk6B9YFnYI+Nq2zzcyAr
 =7fez
 -END PGP SIGNATURE-


 --
 To UNSUBSCRIBE, email to debian-security-announce-requ...@lists.debian.org
 with a subject of unsubscribe. Trouble? Contact
 listmas...@lists.debian.org
 Archive: https://lists.debian.org/e1x0ris-ay...@master.debian.org

Re: [SECURITY] [DSA 2968-1] gnupg2 security update

2014-06-30 Thread Paul Wise

On Tue, Jul 1, 2014 at 2:11 AM, Daniel Thomas Hasbrouck wrote:

  what should I do with the Above gobble-D-GOOK?

Ask your sysadmin to perform an upgrade on any physical machines or
virtual machines you have that are running Debian. The same
vulnerability probably applies to other Linux/BSD distributions so
upgrade those too. It may also apply to Windows/Mac machines if you
have installed GnuPGP there.

-- 
bye,
pabs

http://wiki.debian.org/PaulWise


-- 
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/caktje6fkfe6repvpgz5ggpgx4nbgogy33gf+vtkme1a5md-...@mail.gmail.com

Re: [SECURITY] [DSA 2968-1] gnupg2 security update

Re: [SECURITY] [DSA 2968-1] gnupg2 security update

2 matches

Site Navigation

Mail list logo

Footer information