exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Slackware Security Advisory - gnupg Updates

Slackware Security Advisory - gnupg Updates
Posted Aug 24, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New gnupg packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2016-6313
SHA-256 | 81c47dd800315bdd57989d4822cd2882054bbb17120a80fbc0602fb991db554e

Slackware Security Advisory - gnupg Updates

Change Mirror Download


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] gnupg (SSA:2016-236-01)

New gnupg packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix a security issue.


Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/gnupg-1.4.21-i586-1_slack14.2.txz: Upgraded.
Fix critical security bug in the RNG [CVE-2016-6313]. An attacker who
obtains 580 bytes from the standard RNG can trivially predict the next
20 bytes of output. (This is according to the NEWS file included in the
source. According to the annoucement linked below, an attacker who obtains
4640 bits from the RNG can trivially predict the next 160 bits of output.)
Problem detected by Felix Doerre and Vladimir Klebanov, KIT.
For more information, see:
https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6313
(* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/gnupg-1.4.21-i486-1_slack13.0.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/gnupg-1.4.21-x86_64-1_slack13.0.txz

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/gnupg-1.4.21-i486-1_slack13.1.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/gnupg-1.4.21-x86_64-1_slack13.1.txz

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/gnupg-1.4.21-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/gnupg-1.4.21-x86_64-1_slack13.37.txz

Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/gnupg-1.4.21-i486-1_slack14.0.txz

Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/gnupg-1.4.21-x86_64-1_slack14.0.txz

Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/gnupg-1.4.21-i486-1_slack14.1.txz

Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/gnupg-1.4.21-x86_64-1_slack14.1.txz

Updated package for Slackware 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/gnupg-1.4.21-i586-1_slack14.2.txz

Updated package for Slackware x86_64 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/gnupg-1.4.21-x86_64-1_slack14.2.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/gnupg-1.4.21-i586-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/gnupg-1.4.21-x86_64-1.txz


MD5 signatures:
+-------------+

Slackware 13.0 package:
ad17f87851028e4d5cb29676a6fea7f6 gnupg-1.4.21-i486-1_slack13.0.txz

Slackware x86_64 13.0 package:
650dde6cc6bcdc6c13da90e6d5ac5f5a gnupg-1.4.21-x86_64-1_slack13.0.txz

Slackware 13.1 package:
cb0755d93986a8df059ff531236f5adc gnupg-1.4.21-i486-1_slack13.1.txz

Slackware x86_64 13.1 package:
8459f1510a4fe319a42e6f87d7a05600 gnupg-1.4.21-x86_64-1_slack13.1.txz

Slackware 13.37 package:
ad785789eb17bd355ac9befa05c03905 gnupg-1.4.21-i486-1_slack13.37.txz

Slackware x86_64 13.37 package:
acc63f9119344496925efd85a911f38c gnupg-1.4.21-x86_64-1_slack13.37.txz

Slackware 14.0 package:
e7820ceca9a28c2c56929fd464384417 gnupg-1.4.21-i486-1_slack14.0.txz

Slackware x86_64 14.0 package:
765c22a321312e0b6a02ed4218e1d2b5 gnupg-1.4.21-x86_64-1_slack14.0.txz

Slackware 14.1 package:
1c0220324a41709919f77c942e7e8b17 gnupg-1.4.21-i486-1_slack14.1.txz

Slackware x86_64 14.1 package:
b08ee4540ec6552176c322c36c5da3e9 gnupg-1.4.21-x86_64-1_slack14.1.txz

Slackware 14.2 package:
5bdc1c890fd2f1bdb63bbd9e47ff5d4f gnupg-1.4.21-i586-1_slack14.2.txz

Slackware x86_64 14.2 package:
7088d02a89172c997b799d34f9b84f7c gnupg-1.4.21-x86_64-1_slack14.2.txz

Slackware -current package:
2808c06200971813a071efae1fb5f03a n/gnupg-1.4.21-i586-1.txz

Slackware x86_64 -current package:
db3de668806143ab7a3b05b3af16a91e n/gnupg-1.4.21-x86_64-1.txz


Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg gnupg-1.4.21-i586-1_slack14.2.txz


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----

iEYEARECAAYFAle8tkkACgkQakRjwEAQIjPNwACfW8eK+qHqEO1SLPCORZRaKlHs
+4YAn0Qjx44XUW45Ms54hw7BuixDa175
=vBAT
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close