what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Slackware Security Advisory - gnupg Updates

Slackware Security Advisory - gnupg Updates
Posted Aug 24, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New gnupg packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2016-6313
SHA-256 | 81c47dd800315bdd57989d4822cd2882054bbb17120a80fbc0602fb991db554e

Slackware Security Advisory - gnupg Updates

Change Mirror Download


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] gnupg (SSA:2016-236-01)

New gnupg packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix a security issue.


Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/gnupg-1.4.21-i586-1_slack14.2.txz: Upgraded.
Fix critical security bug in the RNG [CVE-2016-6313]. An attacker who
obtains 580 bytes from the standard RNG can trivially predict the next
20 bytes of output. (This is according to the NEWS file included in the
source. According to the annoucement linked below, an attacker who obtains
4640 bits from the RNG can trivially predict the next 160 bits of output.)
Problem detected by Felix Doerre and Vladimir Klebanov, KIT.
For more information, see:
https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6313
(* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/gnupg-1.4.21-i486-1_slack13.0.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/gnupg-1.4.21-x86_64-1_slack13.0.txz

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/gnupg-1.4.21-i486-1_slack13.1.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/gnupg-1.4.21-x86_64-1_slack13.1.txz

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/gnupg-1.4.21-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/gnupg-1.4.21-x86_64-1_slack13.37.txz

Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/gnupg-1.4.21-i486-1_slack14.0.txz

Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/gnupg-1.4.21-x86_64-1_slack14.0.txz

Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/gnupg-1.4.21-i486-1_slack14.1.txz

Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/gnupg-1.4.21-x86_64-1_slack14.1.txz

Updated package for Slackware 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/gnupg-1.4.21-i586-1_slack14.2.txz

Updated package for Slackware x86_64 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/gnupg-1.4.21-x86_64-1_slack14.2.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/gnupg-1.4.21-i586-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/gnupg-1.4.21-x86_64-1.txz


MD5 signatures:
+-------------+

Slackware 13.0 package:
ad17f87851028e4d5cb29676a6fea7f6 gnupg-1.4.21-i486-1_slack13.0.txz

Slackware x86_64 13.0 package:
650dde6cc6bcdc6c13da90e6d5ac5f5a gnupg-1.4.21-x86_64-1_slack13.0.txz

Slackware 13.1 package:
cb0755d93986a8df059ff531236f5adc gnupg-1.4.21-i486-1_slack13.1.txz

Slackware x86_64 13.1 package:
8459f1510a4fe319a42e6f87d7a05600 gnupg-1.4.21-x86_64-1_slack13.1.txz

Slackware 13.37 package:
ad785789eb17bd355ac9befa05c03905 gnupg-1.4.21-i486-1_slack13.37.txz

Slackware x86_64 13.37 package:
acc63f9119344496925efd85a911f38c gnupg-1.4.21-x86_64-1_slack13.37.txz

Slackware 14.0 package:
e7820ceca9a28c2c56929fd464384417 gnupg-1.4.21-i486-1_slack14.0.txz

Slackware x86_64 14.0 package:
765c22a321312e0b6a02ed4218e1d2b5 gnupg-1.4.21-x86_64-1_slack14.0.txz

Slackware 14.1 package:
1c0220324a41709919f77c942e7e8b17 gnupg-1.4.21-i486-1_slack14.1.txz

Slackware x86_64 14.1 package:
b08ee4540ec6552176c322c36c5da3e9 gnupg-1.4.21-x86_64-1_slack14.1.txz

Slackware 14.2 package:
5bdc1c890fd2f1bdb63bbd9e47ff5d4f gnupg-1.4.21-i586-1_slack14.2.txz

Slackware x86_64 14.2 package:
7088d02a89172c997b799d34f9b84f7c gnupg-1.4.21-x86_64-1_slack14.2.txz

Slackware -current package:
2808c06200971813a071efae1fb5f03a n/gnupg-1.4.21-i586-1.txz

Slackware x86_64 -current package:
db3de668806143ab7a3b05b3af16a91e n/gnupg-1.4.21-x86_64-1.txz


Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg gnupg-1.4.21-i586-1_slack14.2.txz


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----

iEYEARECAAYFAle8tkkACgkQakRjwEAQIjPNwACfW8eK+qHqEO1SLPCORZRaKlHs
+4YAn0Qjx44XUW45Ms54hw7BuixDa175
=vBAT
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close