XPost: linux.debian.security
From:
[email protected]
--047d7b3a8a5c4b1c7304fd1195ed
Content-Type: text/plain; charset=ISO-8859-1
& what should I do with the Above "gobble-D-GOOK? even my usb Flashdrives
Are wiped!, (not by me!).
On Fri, Jun 27, 2014 at 1:14 AM, Salvatore Bonaccorso <
[email protected]> wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-2968-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso June 27, 2014 http://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : gnupg2
CVE ID : CVE-2014-4617
Debian Bug : 752498
Jean-Rene Reinhard, Olivier Levillain and Florian Maury reported that
GnuPG, the GNU Privacy Guard, did not properly parse certain garbled compressed data packets. A remote attacker could use this flaw to mount
a denial of service against GnuPG by triggering an infinite loop.
For the stable distribution (wheezy), this problem has been fixed in
version 2.0.19-2+deb7u2.
For the testing distribution (jessie), this problem has been fixed in
version 2.0.24-1.
For the unstable distribution (sid), this problem has been fixed in
version 2.0.24-1.
We recommend that you upgrade your gnupg2 packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
Mailing list: [email protected]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJTrSUZAAoJEAVMuPMTQ89ExOEP/1Ycmnphx4Quq4BvlIFM8EbR vhH2tfBSUr4VAgik2AkGKOUTaci6qJLrs9Sf4lGnjobTXFn8+BitNiO3AFn2wIq1 eIqosXZxUflNquCvSyfxjid8MuJk7DOzSca8QENlTQfDKk+5LpWGfKM1I2dKSvOh Q4KTfcQU6nM17Epczj6eAUDqGdX+I5qPBJLTD5Cc+t9eOy2Erdaj+NWUc/lBDjgo oQDw/ytZLzI5AwJoc1dAtQR0pEbNlBXrGOs9p1+8VdZ4V7cNjkPJLtsHZj0d+M8o 0/4IsKQEM4Fzu4nrjTiiLDpf2+tYqHMtst9AzY0Hf1gaZAGA0Sdx5Kvts5zBSfz8 WbiKTZvvLqgkWUOdxqIf9/tT6tbr8vkuNPdtcBnvyIM8fb4MiXcBBbhG03fTgvpr f776rjk6Y3IWHp0RhNBn8Lep4YGExzyoKikTqUjQoHcMGVhCBtcAfTnLlCKc8IVz UPyp0gzv1GTrMeZq8riyLckBpBMTf0i8bEncK/0buyBwDevjdFGSUoBh+hsqtktV dUYNTLpSJoqAAbWCqytiPQ7A6VP5IyuXmUcn1vIFTV9gGFsChpIJFQ/Y298X6xM6 u+Z7NhZjcrvfGy+I7Hcv1q1tHQszdvPJZc46dFBKhpupKA+swvg3iG4FbTxNPOH1 kk6B9YFnYI+Nq2zzcyAr
=7fez
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact
[email protected]
Archive: https://lists.debian.org/[email protected]
--047d7b3a8a5c4b1c7304fd1195ed
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir="ltr"><div class="gmail_default" style="font-family:comic sans ms,sans-serif">& what should I do with the Above "gobble-D-GOOK? even my usb Flashdrives Are wiped!, (not by me!).</div></div><div class="gmail_extra">
<br><br><div class="gmail_quote">On Fri, Jun 27, 2014 at 1:14 AM, Salvatore Bonaccorso <span dir="ltr"><<a href="mailto:
[email protected]" target="_blank">
[email protected]</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .
8ex;border-left:1px #ccc solid;padding-left:1ex">
-----BEGIN PGP SIGNED MESSAGE-----<br>
Hash: SHA512<br>
- -------------------------------------------------------------------------<br> Debian Security Advisory DSA-2968-1 � � � � � � � � � <a href="mailto:
[email protected]">
[email protected]</a><br>
<a href="
http://www.debian.org/security/" target="_blank">
http://www.debian.org/security/</a> � � � � � � � � � � �Salvatore Bonaccorso<br>
June 27, 2014 � � � � � � � � � � � � �<a href="
http://www.debian.org/security/faq" target="_blank">
http://www.debian.org/security/faq</a><br>
- -------------------------------------------------------------------------<br>
Package � � � �: gnupg2<br>
CVE ID � � � � : CVE-2014-4617<br>
Debian Bug � � : 752498<br>
Jean-Rene Reinhard, Olivier Levillain and Florian Maury reported that<br> GnuPG, the GNU Privacy Guard, did not properly parse certain garbled<br> compressed data packets. A remote attacker could use this flaw to mount<br>
a denial of service against GnuPG by triggering an infinite loop.<br>
For the stable distribution (wheezy), this problem has been fixed in<br> version 2.0.19-2+deb7u2.<br>
For the testing distribution (jessie), this problem has been fixed in<br> version 2.0.24-1.<br>
For the unstable distribution (sid), this problem has been fixed in<br>
version 2.0.24-1.<br>
We recommend that you upgrade your gnupg2 packages.<br>
Further information about Debian Security Advisories, how to apply<br>
these updates to your system and frequently asked questions can be<br>
found at: <a href="
http://www.debian.org/security/" target="_blank">
http://www.debian.org/security/</a><br>
Mailing list: <a href="mailto:
[email protected]">
[email protected]</a><br>
[continued in next message]
--- SoupGate-Win32 v1.05
* Origin: you cannot sedate... all the things you hate (1:229/2)