[Pkg-gnupg-maint] Bug#778577: CVE-2015-1606 CVE-2015-1607 -- multiple issues found in GnuPG
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Mon Feb 16 23:09:18 UTC 2015
Package: gnupg2
Version: 2.0.14-2
Tags: security
Control: notfound -1 2.1.2-1
Several coding errors were discovered in GnuPG 2.0 lately by Hanno Böck
as part of the Fuzzing Project:
https://blog.fuzzing-project.org/5-Multiple-issues-in-GnuPG-found-through-keyring-fuzzing-TFPA-0012015.html
These changes are in upstream git, but have not been rolled into an
official release yet, except for 2.1.2 on the upstream "modern" branch.
I believe they go back as far as the version in squeeze, possibly
farther.
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 948 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20150216/03dc6704/attachment.sig>
More information about the Pkg-gnupg-maint
mailing list