lp:ubuntu/lucid-updates/gnupg
- Get this branch:
- bzr branch lp:ubuntu/lucid-updates/gnupg
Branch merges
Branch information
Recent revisions
- 36. By Marc Deslauriers
-
* SECURITY UPDATE: side-channel attack on Elgamal encryption subkeys
- debian/patches/ CVE-2014- 5270.dpatch: use sliding window method for
exponentiation algorithm in mpi/mpi-pow.c.
- CVE-2014-5270 - 35. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service via uncompressing garbled packets
- debian/patches/ CVE-2014- 4617.dpatch: limit number of extra bytes in
g10/compress.c.
- CVE-2014-4617 - 34. By Marc Deslauriers
-
* SECURITY UPDATE: RSA Key Extraction via Low-Bandwidth Acoustic
Cryptanalysis attack
- debian/patches/ CVE-2013- 4576.dpatch: Use blinding for the RSA secret
operation in cipher/random.*, cipher/rsa.c, g10/gpgv.c. Normalize the
MPIs used as input to secret key functions in cipher/dsa.c,
cipher/elgamal. c, cipher/rsa.c.
- CVE-2013-4576 - 33. By Marc Deslauriers
-
* SECURITY UPDATE: incorrect no-usage-permitted flag handling
- debian/patches/ CVE-2013- 4351.dpatch: correctly handle empty key flags
in g10/getkey.c, g10/keygen.c, include/cipher.h.
- CVE-2013-4351
* SECURITY UPDATE: denial of service via infinite recursion
- debian/patches/ CVE-2013- 4402.dpatch: set limits on number of filters
and nested packets in util/iobuf.c, g10/mainproc.c.
- CVE-2013-4402 - 32. By Seth Arnold
-
* SECURITY UPDATE: The path of execution in an exponentiation function may
depend upon secret key data, allowing a local attacker to determine the
contents of the secret key through a side-channel attack.
- debian/patches/ CVE-2013- 4242.dpatch: always perform the mpi_mul for
exponents in secure memory. Based on upstream patch.
- CVE-2013-4242 - 31. By Marc Deslauriers
-
* SECURITY UPDATE: keyring corruption via malformed key import
- debian/patches/ CVE-2012- 6085.dpatch: validate PKTTYPE in g10/import.c.
- CVE-2012-6085 - 30. By Marc Deslauriers
-
debian/
patches/ long-keyids. dpatch: Use the longest key ID available
when requesting a key from a key server. - 29. By Michael Bienia
-
* Merge from Debian testing (lp: #503064, #477818). Remaining changes:
- Add 'debian/patches/ 50_disable_ mlock_test. dpatch' : Disable mlock() test
since it fails with ulimit 0 (on buildds).
- Add 'debian/patches/ 61_use_ agent_default. dpatch' : Patch to set gpg
(or gpg2) and gpgsm to use a passphrase agent by default (lp: 15485)
- Fix udeb build failure on powerpc, building with -O2 instead of -Os.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/quantal/gnupg