| 1 |
Hi all, I found out via bugtraq mailing list this morning that gnupg-1.0.5 and |
| 2 |
earlier have a vulnerability that will let someone gain unauthorized access. I |
| 3 |
don't have a link for you because the archives haven't been updated on |
| 4 |
securityfocus.com. You may upgrade via portage in about a half hour when the |
| 5 |
rsync tree gets updated. The package you want is app-crypt/gnupg-1.0.6. I |
| 6 |
still didn't add the SUID to the gpg binary, I figure I'll leave that up to |
| 7 |
the installer. It'll still work, but will not be able to use secure memory |
| 8 |
when run as a normal user. |
Archives