[El-errata] ELSA-2007:0106 Important: Enterprise Linux 3 gnupg security update

el-errata at oss.oracle.com el-errata at oss.oracle.com
Thu Mar 22 22:08:37 PDT 2007


Enterprise Linux Security Advisory ELSA-2007:0106

https://rhn.redhat.com/errata/RHSA-2007-0106.html

The following updated rpms for Enterprise Linux 3 have been uploaded to 
the Unbreakable Linux Network:

i386:
gnupg-1.2.1-20.i386.rpm

x86_64:
gnupg-1.2.1-20.x86_64.rpm

SRPMS:
http://oss.oracle.com/el3/SRPMS-updates/gnupg-1.2.1-20.src.rpm


Description of changes:

[1.2.1-20]
- incorporate backport of patch from Werner to work around clients which
  can't tell that multiple plain messages have been processed (#230456)

[1.2.1-19]
- incorporate patch from Werner to fix use of stack variable after it goes
  out of scope (CVE-2006-6235, #218480)

[1.2.1-18]
- add patch for overflow in openfile.c from Werner's mail (CVE-2006-6169)

[1.2.1-17]
- backport fixes for two more malloc overflows from 1.4.5rc1
  (CVE-2006-3746, #200502)

[1.2.1-16]
- add patch from upstream to fix CVE-2006-3082 (#195945)




More information about the El-errata mailing list