[Pkg-gnupg-maint] wheezy security update for gnupg2
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Feb 18 10:17:33 UTC 2015
hey all--
I've prepared a wheezy security update that rolls up the two recent CVEs
and also a number of other NULL pointer dereferences, DoS vectors, etc
that have come to light with recent fuzzing and review.
It's on the wheezy branch in our git repo. I'm inclined to push it to
wheezy-security soon, but i'd really like to have someone else look over
it and make sure that it seems reasonable before we push it out.
it's commit id 7a20de5b1e11b5d5addc6aaac841e30ea482a9dc, if people want
to try building it on wheezy systems like so:
git clone git://anonscm.debian.org/pkg-gnupg/gnupg2.git -b wheezy
cd gnupg2
git log -n1 ## make sure you're at 7a20de5b1e11b5d5addc6aaac841e30ea482a9dc
git-buildpackage -uc -us
please report back on the list!
--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 948 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20150218/bfa72174/attachment.sig>
More information about the Pkg-gnupg-maint
mailing list