Security Advisory Important: gnupg security update

Advisory: RHSA-2006:0754-2
Type: Security Advisory
Severity: Important
Issued on: 2006-12-06
Last updated on: 2006-12-12
Affected Products: Red Hat Desktop (v. 3)
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Enterprise Linux WS (v. 4)
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
OVAL: com.redhat.rhsa-20060754.xml
CVEs (cve.mitre.org): CVE-2006-6169
CVE-2006-6235

Details

Updated GnuPG packages that fix two security issues are now available.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

GnuPG is a utility for encrypting data and creating digital signatures.

Tavis Ormandy discovered a stack overwrite flaw in the way GnuPG decrypts
messages. An attacker could create carefully crafted message that could cause
GnuPG to execute arbitrary code if a victim attempts to decrypt the message.
(CVE-2006-6235)

A heap based buffer overflow flaw was found in the way GnuPG constructs
messages to be written to the terminal during an interactive session. An
attacker could create a carefully crafted message which with user interaction
could cause GnuPG to execute arbitrary code with the permissions of the
user running GnuPG. (CVE-2006-6169)

All users of GnuPG are advised to upgrade to this updated package, which
contains a backported patch to correct these issues.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

Updated packages

Red Hat Desktop (v. 3)
SRPMS:
gnupg-1.2.1-19.src.rpm
File outdated by:  RHSA-2007:0106		     2006add6d6ece17f59f4a9397d621665
 
IA-32:
gnupg-1.2.1-19.i386.rpm
File outdated by:  RHSA-2007:0106		     39045347836c30667687d601a58965a9
 
x86_64:
gnupg-1.2.1-19.x86_64.rpm
File outdated by:  RHSA-2007:0106		     4cd47c1ff13aecfc4fb235e98b156e06
 
Red Hat Desktop (v. 4)
SRPMS:
gnupg-1.2.6-8.src.rpm
File outdated by:  RHSA-2007:0106		     4d919fce07aa4051c6a8ec5f871430c8
 
IA-32:
gnupg-1.2.6-8.i386.rpm
File outdated by:  RHSA-2007:0106		     640862942e412f7070f4633cef6a480e
 
x86_64:
gnupg-1.2.6-8.x86_64.rpm
File outdated by:  RHSA-2007:0106		     800e7c982ba81ae0651b0091fdf61a63
 
Red Hat Enterprise Linux AS (v. 2.1)
SRPMS:
gnupg-1.0.7-20.src.rpm
File outdated by:  RHSA-2007:0106		     55f3008c00505b9ed691a1621f9f679b
 
IA-32:
gnupg-1.0.7-20.i386.rpm
File outdated by:  RHSA-2007:0106		     25113e54fca82c67a1adb0d14c536aa9
 
IA-64:
gnupg-1.0.7-20.ia64.rpm
File outdated by:  RHSA-2007:0106		     6a3a3c6dc0e4b65fd5eddc75a422fead
 
Red Hat Enterprise Linux AS (v. 3)
SRPMS:
gnupg-1.2.1-19.src.rpm
File outdated by:  RHSA-2007:0106		     2006add6d6ece17f59f4a9397d621665
 
IA-32:
gnupg-1.2.1-19.i386.rpm
File outdated by:  RHSA-2007:0106		     39045347836c30667687d601a58965a9
 
IA-64:
gnupg-1.2.1-19.ia64.rpm
File outdated by:  RHSA-2007:0106		     978ff04512ff5e7706d505e0fa46e0eb
 
PPC:
gnupg-1.2.1-19.ppc.rpm
File outdated by:  RHSA-2007:0106		     7f21902fb2f508d735bbc430a01765f4
 
s390:
gnupg-1.2.1-19.s390.rpm
File outdated by:  RHSA-2007:0106		     d9fefbd2ef988552d9b1b3b0a890acef
 
s390x:
gnupg-1.2.1-19.s390x.rpm
File outdated by:  RHSA-2007:0106		     5fe40389e0aeb86ab0b9b1d413e899d1
 
x86_64:
gnupg-1.2.1-19.x86_64.rpm
File outdated by:  RHSA-2007:0106		     4cd47c1ff13aecfc4fb235e98b156e06
 
Red Hat Enterprise Linux AS (v. 4)
SRPMS:
gnupg-1.2.6-8.src.rpm
File outdated by:  RHSA-2007:0106		     4d919fce07aa4051c6a8ec5f871430c8
 
IA-32:
gnupg-1.2.6-8.i386.rpm
File outdated by:  RHSA-2007:0106		     640862942e412f7070f4633cef6a480e
 
IA-64:
gnupg-1.2.6-8.ia64.rpm
File outdated by:  RHSA-2007:0106		     0d1191dcf30c72a93282dfec862dbef6
 
PPC:
gnupg-1.2.6-8.ppc.rpm
File outdated by:  RHSA-2007:0106		     1c64e01d7a0e6adbf2c069303f28c66b
 
s390:
gnupg-1.2.6-8.s390.rpm
File outdated by:  RHSA-2007:0106		     6f007a82e0b769988ba97132db09053b
 
s390x:
gnupg-1.2.6-8.s390x.rpm
File outdated by:  RHSA-2007:0106		     bbf9eab34a9282fd30698bc0d27ff11f
 
x86_64:
gnupg-1.2.6-8.x86_64.rpm
File outdated by:  RHSA-2007:0106		     800e7c982ba81ae0651b0091fdf61a63
 
Red Hat Enterprise Linux ES (v. 2.1)
SRPMS:
gnupg-1.0.7-20.src.rpm
File outdated by:  RHSA-2007:0106		     55f3008c00505b9ed691a1621f9f679b
 
IA-32:
gnupg-1.0.7-20.i386.rpm
File outdated by:  RHSA-2007:0106		     25113e54fca82c67a1adb0d14c536aa9
 
Red Hat Enterprise Linux ES (v. 3)
SRPMS:
gnupg-1.2.1-19.src.rpm
File outdated by:  RHSA-2007:0106		     2006add6d6ece17f59f4a9397d621665
 
IA-32:
gnupg-1.2.1-19.i386.rpm
File outdated by:  RHSA-2007:0106		     39045347836c30667687d601a58965a9
 
IA-64:
gnupg-1.2.1-19.ia64.rpm
File outdated by:  RHSA-2007:0106		     978ff04512ff5e7706d505e0fa46e0eb
 
x86_64:
gnupg-1.2.1-19.x86_64.rpm
File outdated by:  RHSA-2007:0106		     4cd47c1ff13aecfc4fb235e98b156e06
 
Red Hat Enterprise Linux ES (v. 4)
SRPMS:
gnupg-1.2.6-8.src.rpm
File outdated by:  RHSA-2007:0106		     4d919fce07aa4051c6a8ec5f871430c8
 
IA-32:
gnupg-1.2.6-8.i386.rpm
File outdated by:  RHSA-2007:0106		     640862942e412f7070f4633cef6a480e
 
IA-64:
gnupg-1.2.6-8.ia64.rpm
File outdated by:  RHSA-2007:0106		     0d1191dcf30c72a93282dfec862dbef6
 
x86_64:
gnupg-1.2.6-8.x86_64.rpm
File outdated by:  RHSA-2007:0106		     800e7c982ba81ae0651b0091fdf61a63
 
Red Hat Enterprise Linux WS (v. 2.1)
SRPMS:
gnupg-1.0.7-20.src.rpm
File outdated by:  RHSA-2007:0106		     55f3008c00505b9ed691a1621f9f679b
 
IA-32:
gnupg-1.0.7-20.i386.rpm
File outdated by:  RHSA-2007:0106		     25113e54fca82c67a1adb0d14c536aa9
 
Red Hat Enterprise Linux WS (v. 3)
SRPMS:
gnupg-1.2.1-19.src.rpm
File outdated by:  RHSA-2007:0106		     2006add6d6ece17f59f4a9397d621665
 
IA-32:
gnupg-1.2.1-19.i386.rpm
File outdated by:  RHSA-2007:0106		     39045347836c30667687d601a58965a9
 
IA-64:
gnupg-1.2.1-19.ia64.rpm
File outdated by:  RHSA-2007:0106		     978ff04512ff5e7706d505e0fa46e0eb
 
x86_64:
gnupg-1.2.1-19.x86_64.rpm
File outdated by:  RHSA-2007:0106		     4cd47c1ff13aecfc4fb235e98b156e06
 
Red Hat Enterprise Linux WS (v. 4)
SRPMS:
gnupg-1.2.6-8.src.rpm
File outdated by:  RHSA-2007:0106		     4d919fce07aa4051c6a8ec5f871430c8
 
IA-32:
gnupg-1.2.6-8.i386.rpm
File outdated by:  RHSA-2007:0106		     640862942e412f7070f4633cef6a480e
 
IA-64:
gnupg-1.2.6-8.ia64.rpm
File outdated by:  RHSA-2007:0106		     0d1191dcf30c72a93282dfec862dbef6
 
x86_64:
gnupg-1.2.6-8.x86_64.rpm
File outdated by:  RHSA-2007:0106		     800e7c982ba81ae0651b0091fdf61a63
 
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
SRPMS:
gnupg-1.0.7-20.src.rpm
File outdated by:  RHSA-2007:0106		     55f3008c00505b9ed691a1621f9f679b
 
IA-64:
gnupg-1.0.7-20.ia64.rpm
File outdated by:  RHSA-2007:0106		     6a3a3c6dc0e4b65fd5eddc75a422fead
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

218480 - CVE-2006-6235 GnuPG references local variable after function returns
218505 - CVE-2006-6169 GnuPG heap overflow


References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6169
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6235
http://www.redhat.com/security/updates/classification/#important

Keywords

decrypt, heap, overflow, printable, string

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/