lp:ubuntu/lucid-updates/gnupg

Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp:ubuntu/lucid-updates/gnupg
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

36. By Marc Deslauriers

* SECURITY UPDATE: side-channel attack on Elgamal encryption subkeys
  - debian/patches/CVE-2014-5270.dpatch: use sliding window method for
    exponentiation algorithm in mpi/mpi-pow.c.
  - CVE-2014-5270

35. By Marc Deslauriers

* SECURITY UPDATE: denial of service via uncompressing garbled packets
  - debian/patches/CVE-2014-4617.dpatch: limit number of extra bytes in
    g10/compress.c.
  - CVE-2014-4617

34. By Marc Deslauriers

* SECURITY UPDATE: RSA Key Extraction via Low-Bandwidth Acoustic
  Cryptanalysis attack
  - debian/patches/CVE-2013-4576.dpatch: Use blinding for the RSA secret
    operation in cipher/random.*, cipher/rsa.c, g10/gpgv.c. Normalize the
    MPIs used as input to secret key functions in cipher/dsa.c,
    cipher/elgamal.c, cipher/rsa.c.
  - CVE-2013-4576

33. By Marc Deslauriers

* SECURITY UPDATE: incorrect no-usage-permitted flag handling
  - debian/patches/CVE-2013-4351.dpatch: correctly handle empty key flags
    in g10/getkey.c, g10/keygen.c, include/cipher.h.
  - CVE-2013-4351
* SECURITY UPDATE: denial of service via infinite recursion
  - debian/patches/CVE-2013-4402.dpatch: set limits on number of filters
    and nested packets in util/iobuf.c, g10/mainproc.c.
  - CVE-2013-4402

32. By Seth Arnold

* SECURITY UPDATE: The path of execution in an exponentiation function may
  depend upon secret key data, allowing a local attacker to determine the
  contents of the secret key through a side-channel attack.
  - debian/patches/CVE-2013-4242.dpatch: always perform the mpi_mul for
    exponents in secure memory. Based on upstream patch.
  - CVE-2013-4242

31. By Marc Deslauriers

* SECURITY UPDATE: keyring corruption via malformed key import
  - debian/patches/CVE-2012-6085.dpatch: validate PKTTYPE in g10/import.c.
  - CVE-2012-6085

30. By Marc Deslauriers

debian/patches/long-keyids.dpatch: Use the longest key ID available
when requesting a key from a key server.

29. By Michael Bienia

* Merge from Debian testing (lp: #503064, #477818). Remaining changes:
  - Add 'debian/patches/50_disable_mlock_test.dpatch': Disable mlock() test
    since it fails with ulimit 0 (on buildds).
  - Add 'debian/patches/61_use_agent_default.dpatch': Patch to set gpg
    (or gpg2) and gpgsm to use a passphrase agent by default (lp: 15485)
  - Fix udeb build failure on powerpc, building with -O2 instead of -Os.

28. By Matthias Klose

Fix udeb build failure on powerpc, building with -O2 instead of -Os.

27. By Matthias Klose

Build-depend on libreadline-dev instead of libreadline5-dev.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/quantal/gnupg
This branch contains Public information 
Everyone can see this information.

Subscribers