Accepted gnupg 1.4.12-7+deb7u7 (source all amd64) into proposed-updates->stable-new, proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted gnupg 1.4.12-7+deb7u7 (source all amd64) into proposed-updates->stable-new, proposed-updates
From: Alessandro Ghedini <ghedo@debian.org>
Date: Fri, 13 Mar 2015 22:02:04 +0000
Message-id: <[🔎] E1YWXee-0005cg-Po@franck.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Wed, 04 Mar 2015 18:46:34 +0100
Source: gnupg
Binary: gnupg gnupg-curl gpgv gnupg-udeb gpgv-udeb gpgv-win32
Architecture: source all amd64
Version: 1.4.12-7+deb7u7
Distribution: wheezy-security
Urgency: high
Maintainer: Debian GnuPG-Maintainers <pkg-gnupg-maint@lists.alioth.debian.org>
Changed-By: Alessandro Ghedini <ghedo@debian.org>
Description: 
 gnupg      - GNU privacy guard - a free PGP replacement
 gnupg-curl - GNU privacy guard - a free PGP replacement (cURL)
 gnupg-udeb - GNU privacy guard - a free PGP replacement (udeb)
 gpgv       - GNU privacy guard - signature verification tool
 gpgv-udeb  - minimal signature verification tool (udeb)
 gpgv-win32 - GNU privacy guard - signature verification tool (win32 build)
Closes: 778652
Changes: 
 gnupg (1.4.12-7+deb7u7) wheezy-security; urgency=high
 .
   * Use ciphertext blinding for Elgamal decryption to counteract a
     side-channel attack as per CVE-2014-3591
   * Fix data-dependent timing variations in the modular exponentiation
     function that could be used to mount a side-channel attack as per
     CVE-2015-0837
   * Fix a use-after-free when importing a garbled keyring file
     as per CVE-2015-1606 (Closes: #778652)
Checksums-Sha1: 
 d3ef8848a37897e81bee18af4da865ca4b6e9168 2322 gnupg_1.4.12-7+deb7u7.dsc
 e21c7139d23201b004f7b259968d45f0eca37f33 120475 gnupg_1.4.12-7+deb7u7.debian.tar.gz
 df8a0ef18df0fb86167128ac6c31d6709c2f9c6b 617064 gpgv-win32_1.4.12-7+deb7u7_all.deb
 c03f15e5ee0fba0b77a51e063db87708aee0e422 1956126 gnupg_1.4.12-7+deb7u7_amd64.deb
 bc5c60462be7702988e083cf68c7f8edfcb962a5 64308 gnupg-curl_1.4.12-7+deb7u7_amd64.deb
 8dae53bc42d1f35054ce35124da8b92f6097f1c2 228244 gpgv_1.4.12-7+deb7u7_amd64.deb
 dbe121bae44db6eb6108311f41997c4ede1178b2 354018 gnupg-udeb_1.4.12-7+deb7u7_amd64.udeb
 5d32171182e956f8277d44378b1623bbeae23110 130734 gpgv-udeb_1.4.12-7+deb7u7_amd64.udeb
Checksums-Sha256: 
 edf571e8ebcdb13404c347d5e51041814eb3d1b1b1d9d02e4b18e84b1c90f831 2322 gnupg_1.4.12-7+deb7u7.dsc
 0f9b3f60f6f3d3925f30cef59bdee2fdf3e06930cd00b396f4338b14aee0aa82 120475 gnupg_1.4.12-7+deb7u7.debian.tar.gz
 27760f636f6dbfe387dfbede1131fe7a0dd5fd3b0ab562213193ffa7cfcadfb5 617064 gpgv-win32_1.4.12-7+deb7u7_all.deb
 2920249908a8297f85006def6a55fb99abfcc8466cac2b9f28d01ce8315df065 1956126 gnupg_1.4.12-7+deb7u7_amd64.deb
 b626c3320c0ba2c41c5214bf8175c713f3713cc393e9361a977dc0202c197875 64308 gnupg-curl_1.4.12-7+deb7u7_amd64.deb
 8361f45f51a7e70e3367e5b2df59fa8defc8648a76afa4159da3f249460f5b33 228244 gpgv_1.4.12-7+deb7u7_amd64.deb
 dd7230f9d025c47e8c94e4101e2970e94aed50ec0c65801f9c7cd0a03d6723e1 354018 gnupg-udeb_1.4.12-7+deb7u7_amd64.udeb
 4abcb1191d8a3e58d88fb56084f9d784255ba68c767babc3c2819b7a1a689b78 130734 gpgv-udeb_1.4.12-7+deb7u7_amd64.udeb
Files: 
 6bcf197234014e47eaef8fde4c1f1353 2322 utils important gnupg_1.4.12-7+deb7u7.dsc
 253640158f60258ba671108df2dd5382 120475 utils important gnupg_1.4.12-7+deb7u7.debian.tar.gz
 5f15f3ac2f586b95ab21c3f83fd1bf35 617064 utils extra gpgv-win32_1.4.12-7+deb7u7_all.deb
 17916456c6e84c434205bad15e98e902 1956126 utils important gnupg_1.4.12-7+deb7u7_amd64.deb
 56699ccfefc9bb6c39325d746363c018 64308 utils optional gnupg-curl_1.4.12-7+deb7u7_amd64.deb
 91a07e1a42703f0ce59c4a1de60e961d 228244 utils important gpgv_1.4.12-7+deb7u7_amd64.deb
 6d90567115ee873d4ce6c87991cfaed0 354018 debian-installer extra gnupg-udeb_1.4.12-7+deb7u7_amd64.udeb
 2fda838d1101cc202ddd087c8c98b635 130734 debian-installer extra gpgv-udeb_1.4.12-7+deb7u7_amd64.udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJU/HuHAAoJEK+lG9bN5XPLOxoP/Rfm9JTDRxXpxx92UITduloK
WV1o8/Ad4RbaHoerUETjoWKqIRZ+8nrHNXWQIH1Wrl9eYlnf86fjUY0j+A6p5juR
GbFSwolFk8TA1+r8kTQVzWhIrtY3gnO3OA2F/rflwojZYmXtRj7TBaI/D1VBXkjx
nxg20X7r/mo8EmT1ccRGlDhqxFleL+dqnBOzesSqdaDXvgkSrvyibfX0cSznzrDq
81m687pbuGbFUfQ1xz9pNOU7JqDY5aFPgbDI9+WZsxu78suooNZ73LMssOXio5NZ
7xIU+P8Ngnf6icIccSRl/jT8SRtcroNnPgfm6Eqn1IqXu0j5V5QIrmE6elL1TzYC
oHrduQvfsonpSWPB8Wr0UaOc2LS6ETk+aWhNxNXxrzoawsIaTvE6FQk50MnHn+mZ
OTnmbkhi/0yLxusDOhaq3rOm96qqqLr/Xvkxy82musuxmjRo3y2k1/TycHmpj/pD
V34FGuruj6Z1EF5+m1ct+5jlOEud6Ds6ZsgbEUALPJUMA1EvgBqtMQqe6CsGpZmF
xaR9VR0fL8eTTMHaIJl7N0vWaYNJWHjAHrF+UN4js1TPjBMYOAIJ256Lr2J097x9
CuWC+1KGbKeS+X1AhilUgE69Q2hi7bN0LxrtgGrp1BH7aEDp6FtxEWYj+jGnOfwa
fcJbDt+0XzmfN5tVUVUs
=QvA8
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted xen 4.1.4-3+deb7u5 (source all amd64) into proposed-updates->stable-new, proposed-updates
Next by Date: Accepted libgcrypt11 1.5.0-5+deb7u3 (source all amd64) into proposed-updates->stable-new, proposed-updates
Previous by thread: Accepted xen 4.1.4-3+deb7u5 (source all amd64) into proposed-updates->stable-new, proposed-updates
Next by thread: Accepted libgcrypt11 1.5.0-5+deb7u3 (source all amd64) into proposed-updates->stable-new, proposed-updates
Index(es):
- Date
- Thread