[Touch-packages] [Bug 1785176] Re: GnuPG 1.4.23 released on 2018-06-11, addresses CVE-2017-7526

2018-08-07 Thread Mathew Hodson
** Changed in: gnupg (Ubuntu) Importance: Undecided => Medium -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gnupg in Ubuntu. https://bugs.launchpad.net/bugs/1785176 Title: GnuPG 1.4.23 released on 2018-06-11,

[Touch-packages] [Bug 1785176] Re: GnuPG 1.4.23 released on 2018-06-11, addresses CVE-2017-7526

2018-08-07 Thread Alex Murray
https://usn.ubuntu.com/3733-1/ ** Changed in: gnupg (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gnupg in Ubuntu. https://bugs.launchpad.net/bugs/1785176 Title: GnuPG 1.4.23

[Touch-packages] [Bug 1785176] Re: GnuPG 1.4.23 released on 2018-06-11, addresses CVE-2017-7526

2018-08-03 Thread Alex Murray
Thanks for reporting this - FYI you can see the status of each CVE via the CVE tracker http://people.canonical.com/~ubuntu-security/cve/ ie. https://people.canonical.com/~ubuntu- security/cve/2017/CVE-2017-7526.html This CVE was triaged against libgrypt only - not against gnupg1 - and all the

[Touch-packages] [Bug 1785176] Re: GnuPG 1.4.23 released on 2018-06-11, addresses CVE-2017-7526

2018-08-03 Thread Seth Arnold
Thank you for your attention to detail. CVE-2017-7526 was fixed in USN-3347-1 and -2 by patching the libgcrypt20 and libgcrypt11 source packages: https://usn.ubuntu.com/3347-1/ https://usn.ubuntu.com/3347-2/ You can track our work per-cve on https://people.canonical.com/~ubuntu-

[Touch-packages] [Bug 1785176] Re: GnuPG 1.4.23 released on 2018-06-11, addresses CVE-2017-7526

2018-08-02 Thread Alex Murray
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gnupg in Ubuntu. https://bugs.launchpad.net/bugs/1785176 Title: GnuPG 1.4.23 released on 2018-06-11,