- Issued:
- 2014-06-30
- Updated:
- 2014-10-13
RHBA-2014:0806 - Bug Fix Advisory
Synopsis
gnupg2 bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated gnupg2 packages that fix several bugs are now available for Red Hat
Enterprise Linux 6.
Description
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and
creating digital signatures, compliant with the proposed OpenPGP Internet
standard and the S/MIME standard.
This update fixes the following bugs:
- Previously, the secret key management daemon for GnuPG, gpg-agent, failed to
encode a new iteration count value when it created a new protected key or
changed an existing key. As a consequence, the key could not be unprotected and
gpg-agent thus did not properly interact with a number of programs that use key
decryption, such as KMail or Kleopatra. With this update, the new iteration
count is encoded properly and the decryption of keys created or modified by
gpg-agent no longer fails. (BZ#638635)
- Prior to this update, the GnuPG encryption and signing tool, gpg2, by default
used CAST5, an encryption algorithm not approved by FIPS standards.
Consequently, when gpg2 was run in FIPS mode, data encryption and decryption
failed and caused gpg2 to terminate unexpectedly. With this update, GnuPG uses
AES, a FIPS-approved encryption algorithm, and gpg2 data encryption and
decryption in FIPS mode work as intended. (BZ#966493)
- Previously, the GnuPG signature checking tool, gpgv2, did not correctly
interact with the Libgcrypt library. As a consequence, when the gpgv command was
used on a file, gpgv2 terminated unexpectedly. This update fixes the error and
the gpgv command now functions correctly. (BZ#1006879)
- Prior to this update, GnuPG did not check for availability of the RIPEMD-160
hash function digest. Because the RIPEMD-160 algorithm is not approved by FIPS
standards, GnuPG therefore terminated unexpectedly when the "gpg --verify"
command was used in FIPS mode to verify a signature that contained a RIPEMD-160
hash. With this update, GnuPG properly checks for RIPEMD-160 support and the
crash no longer occurs. (BZ#1078957)
Users of gnupg2 are advised to upgrade to these updated packages, which fix
these bugs.
Solution
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258
Affected Products
- Red Hat Enterprise Linux Server 6 x86_64
- Red Hat Enterprise Linux Server 6 i386
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
- Red Hat Enterprise Linux Workstation 6 x86_64
- Red Hat Enterprise Linux Workstation 6 i386
- Red Hat Enterprise Linux Desktop 6 x86_64
- Red Hat Enterprise Linux Desktop 6 i386
- Red Hat Enterprise Linux for IBM z Systems 6 s390x
- Red Hat Enterprise Linux for Power, big endian 6 ppc64
- Red Hat Enterprise Linux for Scientific Computing 6 x86_64
- Red Hat Enterprise Linux Server from RHUI 6 x86_64
- Red Hat Enterprise Linux Server from RHUI 6 i386
- Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x
- Red Hat Enterprise Linux Server - Retired Extended Life Cycle Support 6 x86_64
Fixes
- BZ - 638635 - gpg-agent fails to encode "iteration count" into private keys, thus never unprotects secret key
- BZ - 966493 - symmetric encryption/decryption doesn't work in FIPS mode
- BZ - 1078957 - gpg --verify coredumps when verifying a signature with RIPEMD160 digest in FIPS mode
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 6
SRPM | |
---|---|
gnupg2-2.0.14-8.el6.src.rpm | SHA-256: 00589845762d75872eb858b7e42e9fb653f28f8b42fe9d53d5966d7752b56379 |
x86_64 | |
gnupg2-2.0.14-8.el6.x86_64.rpm | SHA-256: 354262f1fed8e1a8f7204d18e29ca3d84511ebe88a14039ad39b33b363dd0215 |
gnupg2-debuginfo-2.0.14-8.el6.x86_64.rpm | SHA-256: 5e4d070a21591225796dd4e15007cae05c73fc564ce973f2c9eef886d025e2a5 |
gnupg2-debuginfo-2.0.14-8.el6.x86_64.rpm | SHA-256: 5e4d070a21591225796dd4e15007cae05c73fc564ce973f2c9eef886d025e2a5 |
gnupg2-smime-2.0.14-8.el6.x86_64.rpm | SHA-256: c512c6436ec7bdda27da75abca1e038ad6092c3bd47b88e9bbd1e0cf81507d95 |
i386 | |
gnupg2-2.0.14-8.el6.i686.rpm | SHA-256: f242dcb015d53fe3db192d33111d268b5f6fc9f56a3506b712007bfe8e6291ac |
gnupg2-debuginfo-2.0.14-8.el6.i686.rpm | SHA-256: d67c2e4ea813bbefcc8818c0bd8c471405232e71e62f56dbd5b955ab6e161a8e |
gnupg2-debuginfo-2.0.14-8.el6.i686.rpm | SHA-256: d67c2e4ea813bbefcc8818c0bd8c471405232e71e62f56dbd5b955ab6e161a8e |
gnupg2-smime-2.0.14-8.el6.i686.rpm | SHA-256: 9b3276827ac7b5faef6e0b4fa6303cbda8287de26cb913a8a69a0637194be4ba |
Red Hat Enterprise Linux Server - Extended Life Cycle Support 6
SRPM | |
---|---|
gnupg2-2.0.14-8.el6.src.rpm | SHA-256: 00589845762d75872eb858b7e42e9fb653f28f8b42fe9d53d5966d7752b56379 |
i386 | |
gnupg2-2.0.14-8.el6.i686.rpm | SHA-256: f242dcb015d53fe3db192d33111d268b5f6fc9f56a3506b712007bfe8e6291ac |
gnupg2-debuginfo-2.0.14-8.el6.i686.rpm | SHA-256: d67c2e4ea813bbefcc8818c0bd8c471405232e71e62f56dbd5b955ab6e161a8e |
gnupg2-debuginfo-2.0.14-8.el6.i686.rpm | SHA-256: d67c2e4ea813bbefcc8818c0bd8c471405232e71e62f56dbd5b955ab6e161a8e |
gnupg2-smime-2.0.14-8.el6.i686.rpm | SHA-256: 9b3276827ac7b5faef6e0b4fa6303cbda8287de26cb913a8a69a0637194be4ba |
x86_64 | |
gnupg2-2.0.14-8.el6.x86_64.rpm | SHA-256: 354262f1fed8e1a8f7204d18e29ca3d84511ebe88a14039ad39b33b363dd0215 |
gnupg2-debuginfo-2.0.14-8.el6.x86_64.rpm | SHA-256: 5e4d070a21591225796dd4e15007cae05c73fc564ce973f2c9eef886d025e2a5 |
gnupg2-debuginfo-2.0.14-8.el6.x86_64.rpm | SHA-256: 5e4d070a21591225796dd4e15007cae05c73fc564ce973f2c9eef886d025e2a5 |
gnupg2-smime-2.0.14-8.el6.x86_64.rpm | SHA-256: c512c6436ec7bdda27da75abca1e038ad6092c3bd47b88e9bbd1e0cf81507d95 |
Red Hat Enterprise Linux Workstation 6
SRPM | |
---|---|
gnupg2-2.0.14-8.el6.src.rpm | SHA-256: 00589845762d75872eb858b7e42e9fb653f28f8b42fe9d53d5966d7752b56379 |
x86_64 | |
gnupg2-2.0.14-8.el6.x86_64.rpm | SHA-256: 354262f1fed8e1a8f7204d18e29ca3d84511ebe88a14039ad39b33b363dd0215 |
gnupg2-debuginfo-2.0.14-8.el6.x86_64.rpm | SHA-256: 5e4d070a21591225796dd4e15007cae05c73fc564ce973f2c9eef886d025e2a5 |
gnupg2-debuginfo-2.0.14-8.el6.x86_64.rpm | SHA-256: 5e4d070a21591225796dd4e15007cae05c73fc564ce973f2c9eef886d025e2a5 |
gnupg2-smime-2.0.14-8.el6.x86_64.rpm | SHA-256: c512c6436ec7bdda27da75abca1e038ad6092c3bd47b88e9bbd1e0cf81507d95 |
i386 | |
gnupg2-2.0.14-8.el6.i686.rpm | SHA-256: f242dcb015d53fe3db192d33111d268b5f6fc9f56a3506b712007bfe8e6291ac |
gnupg2-debuginfo-2.0.14-8.el6.i686.rpm | SHA-256: d67c2e4ea813bbefcc8818c0bd8c471405232e71e62f56dbd5b955ab6e161a8e |
gnupg2-debuginfo-2.0.14-8.el6.i686.rpm | SHA-256: d67c2e4ea813bbefcc8818c0bd8c471405232e71e62f56dbd5b955ab6e161a8e |
gnupg2-smime-2.0.14-8.el6.i686.rpm | SHA-256: 9b3276827ac7b5faef6e0b4fa6303cbda8287de26cb913a8a69a0637194be4ba |
Red Hat Enterprise Linux Desktop 6
SRPM | |
---|---|
gnupg2-2.0.14-8.el6.src.rpm | SHA-256: 00589845762d75872eb858b7e42e9fb653f28f8b42fe9d53d5966d7752b56379 |
x86_64 | |
gnupg2-2.0.14-8.el6.x86_64.rpm | SHA-256: 354262f1fed8e1a8f7204d18e29ca3d84511ebe88a14039ad39b33b363dd0215 |
gnupg2-debuginfo-2.0.14-8.el6.x86_64.rpm | SHA-256: 5e4d070a21591225796dd4e15007cae05c73fc564ce973f2c9eef886d025e2a5 |
gnupg2-debuginfo-2.0.14-8.el6.x86_64.rpm | SHA-256: 5e4d070a21591225796dd4e15007cae05c73fc564ce973f2c9eef886d025e2a5 |
gnupg2-smime-2.0.14-8.el6.x86_64.rpm | SHA-256: c512c6436ec7bdda27da75abca1e038ad6092c3bd47b88e9bbd1e0cf81507d95 |
i386 | |
gnupg2-2.0.14-8.el6.i686.rpm | SHA-256: f242dcb015d53fe3db192d33111d268b5f6fc9f56a3506b712007bfe8e6291ac |
gnupg2-debuginfo-2.0.14-8.el6.i686.rpm | SHA-256: d67c2e4ea813bbefcc8818c0bd8c471405232e71e62f56dbd5b955ab6e161a8e |
gnupg2-debuginfo-2.0.14-8.el6.i686.rpm | SHA-256: d67c2e4ea813bbefcc8818c0bd8c471405232e71e62f56dbd5b955ab6e161a8e |
gnupg2-smime-2.0.14-8.el6.i686.rpm | SHA-256: 9b3276827ac7b5faef6e0b4fa6303cbda8287de26cb913a8a69a0637194be4ba |
Red Hat Enterprise Linux for IBM z Systems 6
SRPM | |
---|---|
gnupg2-2.0.14-8.el6.src.rpm | SHA-256: 00589845762d75872eb858b7e42e9fb653f28f8b42fe9d53d5966d7752b56379 |
s390x | |
gnupg2-2.0.14-8.el6.s390x.rpm | SHA-256: fef8a6f7fecae68249f021a6826d7366331aee402712f8600b8f02cca98682f9 |
gnupg2-debuginfo-2.0.14-8.el6.s390x.rpm | SHA-256: 8b597c08d55480966a1c83883fc55055f21226f3998c34cf24ac973427d6d627 |
gnupg2-debuginfo-2.0.14-8.el6.s390x.rpm | SHA-256: 8b597c08d55480966a1c83883fc55055f21226f3998c34cf24ac973427d6d627 |
gnupg2-smime-2.0.14-8.el6.s390x.rpm | SHA-256: 1e4f1c2cd2c8a997e6bc81929d2a1a2200fdd72e18619141aa0e0b6a898f28b5 |
Red Hat Enterprise Linux for Power, big endian 6
SRPM | |
---|---|
gnupg2-2.0.14-8.el6.src.rpm | SHA-256: 00589845762d75872eb858b7e42e9fb653f28f8b42fe9d53d5966d7752b56379 |
ppc64 | |
gnupg2-2.0.14-8.el6.ppc64.rpm | SHA-256: d74e61f1e126a6c51eae751ef568c366f4b8e6671b68569cffef3a86f214151e |
gnupg2-debuginfo-2.0.14-8.el6.ppc64.rpm | SHA-256: a82a45ade8eb8ff8447c70f6f337e43cb65424a6f81a6d910a15556c05adeeb8 |
gnupg2-debuginfo-2.0.14-8.el6.ppc64.rpm | SHA-256: a82a45ade8eb8ff8447c70f6f337e43cb65424a6f81a6d910a15556c05adeeb8 |
gnupg2-smime-2.0.14-8.el6.ppc64.rpm | SHA-256: 14b606f1696c45c11a8db9b0d1c4eb0a09112a1ffe5423239d18645333ce1623 |
Red Hat Enterprise Linux for Scientific Computing 6
SRPM | |
---|---|
gnupg2-2.0.14-8.el6.src.rpm | SHA-256: 00589845762d75872eb858b7e42e9fb653f28f8b42fe9d53d5966d7752b56379 |
x86_64 | |
gnupg2-2.0.14-8.el6.x86_64.rpm | SHA-256: 354262f1fed8e1a8f7204d18e29ca3d84511ebe88a14039ad39b33b363dd0215 |
gnupg2-debuginfo-2.0.14-8.el6.x86_64.rpm | SHA-256: 5e4d070a21591225796dd4e15007cae05c73fc564ce973f2c9eef886d025e2a5 |
gnupg2-debuginfo-2.0.14-8.el6.x86_64.rpm | SHA-256: 5e4d070a21591225796dd4e15007cae05c73fc564ce973f2c9eef886d025e2a5 |
gnupg2-smime-2.0.14-8.el6.x86_64.rpm | SHA-256: c512c6436ec7bdda27da75abca1e038ad6092c3bd47b88e9bbd1e0cf81507d95 |
Red Hat Enterprise Linux Server from RHUI 6
SRPM | |
---|---|
gnupg2-2.0.14-8.el6.src.rpm | SHA-256: 00589845762d75872eb858b7e42e9fb653f28f8b42fe9d53d5966d7752b56379 |
x86_64 | |
gnupg2-2.0.14-8.el6.x86_64.rpm | SHA-256: 354262f1fed8e1a8f7204d18e29ca3d84511ebe88a14039ad39b33b363dd0215 |
gnupg2-debuginfo-2.0.14-8.el6.x86_64.rpm | SHA-256: 5e4d070a21591225796dd4e15007cae05c73fc564ce973f2c9eef886d025e2a5 |
gnupg2-debuginfo-2.0.14-8.el6.x86_64.rpm | SHA-256: 5e4d070a21591225796dd4e15007cae05c73fc564ce973f2c9eef886d025e2a5 |
gnupg2-smime-2.0.14-8.el6.x86_64.rpm | SHA-256: c512c6436ec7bdda27da75abca1e038ad6092c3bd47b88e9bbd1e0cf81507d95 |
i386 | |
gnupg2-2.0.14-8.el6.i686.rpm | SHA-256: f242dcb015d53fe3db192d33111d268b5f6fc9f56a3506b712007bfe8e6291ac |
gnupg2-debuginfo-2.0.14-8.el6.i686.rpm | SHA-256: d67c2e4ea813bbefcc8818c0bd8c471405232e71e62f56dbd5b955ab6e161a8e |
gnupg2-debuginfo-2.0.14-8.el6.i686.rpm | SHA-256: d67c2e4ea813bbefcc8818c0bd8c471405232e71e62f56dbd5b955ab6e161a8e |
gnupg2-smime-2.0.14-8.el6.i686.rpm | SHA-256: 9b3276827ac7b5faef6e0b4fa6303cbda8287de26cb913a8a69a0637194be4ba |
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6
SRPM | |
---|---|
gnupg2-2.0.14-8.el6.src.rpm | SHA-256: 00589845762d75872eb858b7e42e9fb653f28f8b42fe9d53d5966d7752b56379 |
s390x | |
gnupg2-2.0.14-8.el6.s390x.rpm | SHA-256: fef8a6f7fecae68249f021a6826d7366331aee402712f8600b8f02cca98682f9 |
gnupg2-debuginfo-2.0.14-8.el6.s390x.rpm | SHA-256: 8b597c08d55480966a1c83883fc55055f21226f3998c34cf24ac973427d6d627 |
gnupg2-debuginfo-2.0.14-8.el6.s390x.rpm | SHA-256: 8b597c08d55480966a1c83883fc55055f21226f3998c34cf24ac973427d6d627 |
gnupg2-smime-2.0.14-8.el6.s390x.rpm | SHA-256: 1e4f1c2cd2c8a997e6bc81929d2a1a2200fdd72e18619141aa0e0b6a898f28b5 |
Red Hat Enterprise Linux Server - Retired Extended Life Cycle Support 6
SRPM | |
---|---|
gnupg2-2.0.14-8.el6.src.rpm | SHA-256: 00589845762d75872eb858b7e42e9fb653f28f8b42fe9d53d5966d7752b56379 |
x86_64 | |
gnupg2-2.0.14-8.el6.x86_64.rpm | SHA-256: 354262f1fed8e1a8f7204d18e29ca3d84511ebe88a14039ad39b33b363dd0215 |
gnupg2-debuginfo-2.0.14-8.el6.x86_64.rpm | SHA-256: 5e4d070a21591225796dd4e15007cae05c73fc564ce973f2c9eef886d025e2a5 |
gnupg2-debuginfo-2.0.14-8.el6.x86_64.rpm | SHA-256: 5e4d070a21591225796dd4e15007cae05c73fc564ce973f2c9eef886d025e2a5 |
gnupg2-smime-2.0.14-8.el6.x86_64.rpm | SHA-256: c512c6436ec7bdda27da75abca1e038ad6092c3bd47b88e9bbd1e0cf81507d95 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.