gnupg security update

To: debian-lts-announce@lists.debian.org
Subject: gnupg security update
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon, 30 Jun 2014 19:42:38 +0000
Message-id: <[🔎] E1X1hTK-0006MN-2c@master.debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : gnupg
Version        : 1.4.10-4+squeeze5
CVE ID         : CVE-2014-4617
Debian Bug     : 752497

Jean-Rene Reinhard, Olivier Levillain and Florian Maury reported that
GnuPG, the GNU Privacy Guard, did not properly parse certain garbled
compressed data packets. A remote attacker could use this flaw to mount
a denial of service against GnuPG by triggering an infinite loop.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJTsbiyAAoJEAVMuPMTQ89E5c4QAI+Zo9u9iipJN1eGnyYyLnWS
6TvBlqvnfjVfahB3+MlLGA4nQugQzClAXJikDccHV6xxl6hbSvblNAIJpZNbLZXv
vJUw7le8XTFkyF0SNNekkI/cruh8otrPmEPT5PajWwWec1WsfodE4o/MtyNNHB8B
6Uon89UObQoXWsMbdsi1ZSwvkASoMhPDvi4a41BqJyIxgvGVjR/POq8f0t0aQjmL
Urj64LJpazKxAomroRmcA4kKWkZGHrO8AmMst1j/fqSiVI+aqkGufZHLvTXq+unU
/dHZ/XSkmh+afLdBo0ctgn6OpxKLNUGnlZnqVaf6VKnx0KVLvLCSGxiHPrn16k+m
6wIS94ruSrZjkOqgRMI3vQuE2oglaWLy0VqXY1GOByXmNf8rzvV4yKzKVqWz1zvn
WV39M5CPiePoFNyjdTZTu9Y96yrKGiuLlO0HLyA69aBMQrV2/nuqzMk4Wbq7Pd54
QeajF5WnWf6ycAT/9zfn/x4sjqYfi7H/HT9JStDERi2neNVkhKN8NvAYDf2JEiyY
X4I4JDKDpn4w0HUEx3V8wuJqZJo38LIwQ58hVZzORsYx4rINC7kJEURTvbM4JAlK
DHw5rSP9U+TWNj2if3CWhtNK085Hihk/m4+Ar0K7XWpEGshCJUqgG7iuCxOvsQDj
oytQjGFc6Mz0PSHxobwy
=YhUO
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: libemail-address-perl security update
Previous by thread: libemail-address-perl security update
Index(es):
- Date
- Thread