- Issued:
- 2010-05-27
- Updated:
- 2010-05-27
RHBA-2010:0447 - Bug Fix Advisory
Synopsis
gnupg bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An updated gnupg package that fixes a bug is now available.
Description
GnuPG is a utility for encrypting data and creating digital signatures.
This package addresses the following bug:
- compressed, old-style Modification Detection Code (MDC) packets do not
include length information and the decompressor uses an implicit end point.
In some circumstances (message length was likely the determining
circumstance) this could result in more bytes being supplied to the
decompressor than were needed. This resulted in GnuPG failing to decrypt
the file and returning an error as follows:
gpg: [don't know]: invalid packet (ctb=14)
With this update, the packet parsing was changed: MDC packets are now
decoded independently and are no longer passed to the packet parser that
lead to the errors. (BZ#592845).
GnuPG users should upgrade to this updated package, which resolves this
issue.
Solution
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259
Affected Products
- Red Hat Enterprise Linux Server 4 x86_64
- Red Hat Enterprise Linux Server 4 ia64
- Red Hat Enterprise Linux Server 4 i386
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.8 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.8 ia64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.8 i386
- Red Hat Enterprise Linux Workstation 4 x86_64
- Red Hat Enterprise Linux Workstation 4 ia64
- Red Hat Enterprise Linux Workstation 4 i386
- Red Hat Enterprise Linux Desktop 4 x86_64
- Red Hat Enterprise Linux Desktop 4 i386
- Red Hat Enterprise Linux for IBM z Systems 4 s390x
- Red Hat Enterprise Linux for IBM z Systems 4 s390
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.8 s390x
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.8 s390
- Red Hat Enterprise Linux for Power, big endian 4 ppc
- Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.8 ppc
Fixes
- BZ - 592845 - gpg invalid packet error decrypting certain files
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 4
SRPM | |
---|---|
gnupg-1.2.6-9.el4_8.1.src.rpm | SHA-256: ae82440644249660c871f913714fcab55323a08a240e0d74624b0a006a6b71f5 |
x86_64 | |
gnupg-1.2.6-9.el4_8.1.x86_64.rpm | SHA-256: d0bb23cd8d0df26f43a952aa3c3161e4cc7991ed2ea9dafcc911a076df44f08b |
gnupg-1.2.6-9.el4_8.1.x86_64.rpm | SHA-256: d0bb23cd8d0df26f43a952aa3c3161e4cc7991ed2ea9dafcc911a076df44f08b |
ia64 | |
gnupg-1.2.6-9.el4_8.1.ia64.rpm | SHA-256: 573308fb035f0756a2a381852691db9b2b031acda0e7b33d0a4ddbf49a47b3f0 |
gnupg-1.2.6-9.el4_8.1.ia64.rpm | SHA-256: 573308fb035f0756a2a381852691db9b2b031acda0e7b33d0a4ddbf49a47b3f0 |
i386 | |
gnupg-1.2.6-9.el4_8.1.i386.rpm | SHA-256: dcf688fb3bed0e650ae9197496a75a9685a1ae33be90f13557ed132ba13c9127 |
gnupg-1.2.6-9.el4_8.1.i386.rpm | SHA-256: dcf688fb3bed0e650ae9197496a75a9685a1ae33be90f13557ed132ba13c9127 |
Red Hat Enterprise Linux for x86_64 - Extended Update Support 4.8
SRPM | |
---|---|
gnupg-1.2.6-9.el4_8.1.src.rpm | SHA-256: ae82440644249660c871f913714fcab55323a08a240e0d74624b0a006a6b71f5 |
x86_64 | |
gnupg-1.2.6-9.el4_8.1.x86_64.rpm | SHA-256: d0bb23cd8d0df26f43a952aa3c3161e4cc7991ed2ea9dafcc911a076df44f08b |
gnupg-1.2.6-9.el4_8.1.x86_64.rpm | SHA-256: d0bb23cd8d0df26f43a952aa3c3161e4cc7991ed2ea9dafcc911a076df44f08b |
ia64 | |
gnupg-1.2.6-9.el4_8.1.ia64.rpm | SHA-256: 573308fb035f0756a2a381852691db9b2b031acda0e7b33d0a4ddbf49a47b3f0 |
gnupg-1.2.6-9.el4_8.1.ia64.rpm | SHA-256: 573308fb035f0756a2a381852691db9b2b031acda0e7b33d0a4ddbf49a47b3f0 |
i386 | |
gnupg-1.2.6-9.el4_8.1.i386.rpm | SHA-256: dcf688fb3bed0e650ae9197496a75a9685a1ae33be90f13557ed132ba13c9127 |
gnupg-1.2.6-9.el4_8.1.i386.rpm | SHA-256: dcf688fb3bed0e650ae9197496a75a9685a1ae33be90f13557ed132ba13c9127 |
Red Hat Enterprise Linux Workstation 4
SRPM | |
---|---|
gnupg-1.2.6-9.el4_8.1.src.rpm | SHA-256: ae82440644249660c871f913714fcab55323a08a240e0d74624b0a006a6b71f5 |
x86_64 | |
gnupg-1.2.6-9.el4_8.1.x86_64.rpm | SHA-256: d0bb23cd8d0df26f43a952aa3c3161e4cc7991ed2ea9dafcc911a076df44f08b |
ia64 | |
gnupg-1.2.6-9.el4_8.1.ia64.rpm | SHA-256: 573308fb035f0756a2a381852691db9b2b031acda0e7b33d0a4ddbf49a47b3f0 |
i386 | |
gnupg-1.2.6-9.el4_8.1.i386.rpm | SHA-256: dcf688fb3bed0e650ae9197496a75a9685a1ae33be90f13557ed132ba13c9127 |
Red Hat Enterprise Linux Desktop 4
SRPM | |
---|---|
gnupg-1.2.6-9.el4_8.1.src.rpm | SHA-256: ae82440644249660c871f913714fcab55323a08a240e0d74624b0a006a6b71f5 |
x86_64 | |
gnupg-1.2.6-9.el4_8.1.x86_64.rpm | SHA-256: d0bb23cd8d0df26f43a952aa3c3161e4cc7991ed2ea9dafcc911a076df44f08b |
i386 | |
gnupg-1.2.6-9.el4_8.1.i386.rpm | SHA-256: dcf688fb3bed0e650ae9197496a75a9685a1ae33be90f13557ed132ba13c9127 |
Red Hat Enterprise Linux for IBM z Systems 4
SRPM | |
---|---|
gnupg-1.2.6-9.el4_8.1.src.rpm | SHA-256: ae82440644249660c871f913714fcab55323a08a240e0d74624b0a006a6b71f5 |
s390x | |
gnupg-1.2.6-9.el4_8.1.s390x.rpm | SHA-256: ee8fae654b83f31fdad1bcf97093e54f9399f45faba74258024574c06acecebf |
s390 | |
gnupg-1.2.6-9.el4_8.1.s390.rpm | SHA-256: 435afe460ab19efe3497da73fe9040a477ea59a2f4661dcdf2df2662fea8a56b |
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 4.8
SRPM | |
---|---|
gnupg-1.2.6-9.el4_8.1.src.rpm | SHA-256: ae82440644249660c871f913714fcab55323a08a240e0d74624b0a006a6b71f5 |
s390x | |
gnupg-1.2.6-9.el4_8.1.s390x.rpm | SHA-256: ee8fae654b83f31fdad1bcf97093e54f9399f45faba74258024574c06acecebf |
s390 | |
gnupg-1.2.6-9.el4_8.1.s390.rpm | SHA-256: 435afe460ab19efe3497da73fe9040a477ea59a2f4661dcdf2df2662fea8a56b |
Red Hat Enterprise Linux for Power, big endian 4
SRPM | |
---|---|
gnupg-1.2.6-9.el4_8.1.src.rpm | SHA-256: ae82440644249660c871f913714fcab55323a08a240e0d74624b0a006a6b71f5 |
ppc | |
gnupg-1.2.6-9.el4_8.1.ppc.rpm | SHA-256: 09e61afd4fee4b78e9fe3c15460b81d413e9e9115b4e1065cff00ce0dbe19900 |
Red Hat Enterprise Linux for Power, big endian - Extended Update Support 4.8
SRPM | |
---|---|
gnupg-1.2.6-9.el4_8.1.src.rpm | SHA-256: ae82440644249660c871f913714fcab55323a08a240e0d74624b0a006a6b71f5 |
ppc | |
gnupg-1.2.6-9.el4_8.1.ppc.rpm | SHA-256: 09e61afd4fee4b78e9fe3c15460b81d413e9e9115b4e1065cff00ce0dbe19900 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.