gnupg bug fix update
| Advisory: | RHBA-2010:0513-1 |
|---|---|
| Type: | Bug Fix Advisory |
| Severity: | N/A |
| Issued on: | 2010-07-08 |
| Last updated on: | 2010-07-08 |
| Affected Products: | Red Hat Enterprise Linux (v. 5 server) Red Hat Enterprise Linux Desktop (v. 5 client) |
Details
An updated gnupg package that fixes a bug is now available.
GnuPG is a utility for encrypting data and creating digital signatures.
This package addresses the following bug:
* compressed, old-style Modification Detection Code (MDC) packets do not
include length information and the decompressor uses an implicit end point.
In some circumstances (message length was likely the determining
circumstance) this could result in more bytes being supplied to the
decompressor than were needed. This resulted in GnuPG failing to decrypt
the file and returning an error as follows:
gpg: [don't know]: invalid packet (ctb=14)
With this update, the packet parsing was changed: MDC packets are now
decoded independently and are no longer passed to the packet parser that
lead to the errors. (BZ#592845).
GnuPG users should upgrade to this updated package, which resolves this
issue.
Solution
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259
Updated packages
| Red Hat Enterprise Linux (v. 5 server) | |
| SRPMS: | |
| gnupg-1.4.5-14.el5_5.1.src.rpm | MD5: 64a2a22c4cd6d3b7bf7bc09ec951ee9c SHA-256: 818a0d0bcc694fc8c2661988eb88d7f5edb5af76498935c20d06f24182f6972b |
| IA-32: | |
| gnupg-1.4.5-14.el5_5.1.i386.rpm | MD5: 5a6e7d81beab551c67f0667f8f305b49 SHA-256: 02c38fc1235dca0237de83cc1c24a5e51a1ffab2ee91717104453fb55e654e6d |
| IA-64: | |
| gnupg-1.4.5-14.el5_5.1.ia64.rpm | MD5: 12036330f2dcebc4a063d549c640886f SHA-256: 8093216e7eacea5a4716cb8a3c6e13fb3a415e2a2469b010dedcb7748854c5ad |
| PPC: | |
| gnupg-1.4.5-14.el5_5.1.ppc.rpm | MD5: 6f4dcf6c031ba6a04054bea1f3a38b54 SHA-256: 92b8107978234bd07ac82a349a025138a32566192398f1295532ffe8e4241fc5 |
| s390x: | |
| gnupg-1.4.5-14.el5_5.1.s390x.rpm | MD5: be4b6ae25123814a338455a2d6b1ebfd SHA-256: 7fb19fda044993b6cc51da26d0e35e61f7df969acfc76388fc46045b54c0e695 |
| x86_64: | |
| gnupg-1.4.5-14.el5_5.1.x86_64.rpm | MD5: 0c167021c495966a6b50711eda0d076f SHA-256: f1bc165dbfe625d6dd7a9d26a2042d84223d899bdb33cefa4e24a960ca2d88fd |
| Red Hat Enterprise Linux Desktop (v. 5 client) | |
| SRPMS: | |
| gnupg-1.4.5-14.el5_5.1.src.rpm | MD5: 64a2a22c4cd6d3b7bf7bc09ec951ee9c SHA-256: 818a0d0bcc694fc8c2661988eb88d7f5edb5af76498935c20d06f24182f6972b |
| IA-32: | |
| gnupg-1.4.5-14.el5_5.1.i386.rpm | MD5: 5a6e7d81beab551c67f0667f8f305b49 SHA-256: 02c38fc1235dca0237de83cc1c24a5e51a1ffab2ee91717104453fb55e654e6d |
| x86_64: | |
| gnupg-1.4.5-14.el5_5.1.x86_64.rpm | MD5: 0c167021c495966a6b50711eda0d076f SHA-256: f1bc165dbfe625d6dd7a9d26a2042d84223d899bdb33cefa4e24a960ca2d88fd |
| (The unlinked packages above are only available from the Red Hat Network) | |
Bugs fixed (see bugzilla for more information)
602669 - gpg invalid packet error decrypting certain files
Keywords
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package
The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/
