Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-announce

From: Sune Kloppenborg Jeppesen <jaervosz@g.o>
To: gentoo-announce@l.g.o
Cc: bugtraq@×××××××××××××.com, full-disclosure@××××××××××××××.uk, security-alerts@×××××××××××××.com
Subject: [gentoo-announce] ERRATA: [ GLSA 200608-08 ] GnuPG: Integer overflow vulnerability
Date: Tue, 08 Aug 2006 20:16:34
Message-Id: 200608082111.58290.jaervosz@gentoo.org
1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2 Gentoo Linux Security Advisory [ERRATA UPDATE] GLSA 200608-08:02
3 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4 http://security.gentoo.org/
5 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7 Severity: High
8 Title: GnuPG: Integer overflow vulnerability
9 Date: August 05, 2006
10 Updated: August 08, 2006
11 Bugs: #142248
12 ID: 200608-08:02
13
14 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
15
16 Errata
17 ======
18
19 The Resolution proposed in the original version of this Security Advisory did
20 not correctly address the issue for users who also have GnuPG 1.9 installed.
21
22 The corrected sections appear below.
23
24 Resolution
25 ==========
26
27 All GnuPG users should upgrade to the latest version:
28
29 # emerge --sync
30 # emerge --ask --oneshot --verbose "=app-crypt/gnupg-1.4*"
31
32 References
33 ==========
34
35 [ 1 ] CVE-2006-3746
36 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3746
37
38 Availability
39 ============
40
41 This GLSA and any updates to it are available for viewing at
42 the Gentoo Security Website:
43
44 http://security.gentoo.org/glsa/glsa-200608-08.xml
45
46 Concerns?
47 =========
48
49 Security is a primary focus of Gentoo Linux and ensuring the
50 confidentiality and security of our users machines is of utmost
51 importance to us. Any security concerns should be addressed to
52 security@g.o or alternatively, you may file a bug at
53 http://bugs.gentoo.org.
54
55 License
56 =======
57
58 Copyright 2006 Gentoo Foundation, Inc; referenced text
59 belongs to its owner(s).
60
61 The contents of this document are licensed under the
62 Creative Commons - Attribution / Share Alike license.
63
64 http://creativecommons.org/licenses/by-sa/2.5
Report Message
Find on MARC Find on Google Groups