Module submission - gnupg
Zbigniew Luszpinski
zbiggy at o2.pl
Thu Nov 30 13:50:36 CET 2006
module name : gnupg
suggested section : crypto
update (y/n) : n
bugfix (y/n) : n
security (y/n) : y
A buffer overflow has been identified in all released GnuPG versions. The
current version 1.4.5 is affected.
When running GnuPG interactively, special crafted messages may be used
to crash gpg. Running gpg in batch mode, as done by all
software using gpg as a backend (e.g. mailers), is not affected by
this bug.
Exploiting this overflow seems to be possible.
This is official gnupg patch.
have a nice day,
Zbigniew 'zbiggy' Luszpinski
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gnupg-1.4.5-bo.patch
Type: text/x-diff
Size: 388 bytes
Desc: not available
Url : http://foo-projects.org/pipermail/lunar/attachments/20061130/ff8f117f/gnupg-1.4.5-bo.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gnupg.patch
Type: text/x-diff
Size: 898 bytes
Desc: not available
Url : http://foo-projects.org/pipermail/lunar/attachments/20061130/ff8f117f/gnupg.bin
More information about the Lunar
mailing list