Ubuntu 970-1: GnuPG2 vulnerability
Summary
Update Instructions
References
Package Information
==========================================================Ubuntu Security Notice USN-970-1 August 11, 2010 gnupg2 vulnerability CVE-2010-2547 ========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 9.04 Ubuntu 9.10 Ubuntu 10.04 LTS This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: gpgsm 2.0.7-1ubuntu0.1 Ubuntu 9.04: gpgsm 2.0.9-3.1ubuntu0.1 Ubuntu 9.10: gpgsm 2.0.12-0ubuntu2.1 Ubuntu 10.04 LTS: gpgsm 2.0.14-1ubuntu1.2 In general, a standard system update will make all the necessary changes. Details follow: It was discovered that GPGSM in GnuPG2 did not correctly handle certificates with a large number of Subject Alternate Names. If a user or automated system were tricked into processing a specially crafted certificate, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. Updated packages for Ubuntu 8.04 LTS: Source archives: Size/MD5: 38357 9f9b19967950818429e79181c0a8e009 Size/MD5: 1049 959706cf178e4f2284f9514ad2195813 Size/MD5: 5035162 edac843901373c9a3bb33c5c134a60c9 amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 285546 481108f98f893d984b2bbbee47ea6e42 Size/MD5: 441412 acc2db528cf2719e6566accae9d289bf Size/MD5: 1140788 48b83a17ef51b15c9a002101d935e6a9 i386 architecture (x86 compatible Intel/AMD): Size/MD5: 258500 c22829f163ac0f7aac143e050ea85169 Size/MD5: 404416 537aaf300aefd33bf210fc031391d1b6 Size/MD5: 1076900 48e8b3be56b1f4bb4adc757d90c57ee5 lpia architecture (Low Power Intel Architecture): Size/MD5: 258120 44b69a516104e6ec001e7d3f4a7ba6f7 Size/MD5: 404568 b39494268d8404271e34e4666892e2d3 Size/MD5: 1079478 2a78aa1f9261e69477449f660ae0d747 powerpc architecture (Apple Macintosh G3/G4/G5): Size/MD5: 292912 d727881145b5086fd96cf548c2123cbf Size/MD5: 444646 cea2f618e615e9ff26fb69d3bd1f24fd Size/MD5: 1156208 7dfa97127ae3281819dc270729cc6aa9 sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 256654 b09ba94083d721ad93f173ecd9d3126b Size/MD5: 398312 797ac0ee6888972787680368102c6aa8 Size/MD5: 1073772 f7f2db367693c941ae7017a538b4d736 Updated packages for Ubuntu 9.04: Source archives: Size/MD5: 40713 f7056736ec90ad76e433ee893b4dbd97 Size/MD5: 1483 37594fcfbe809d40002ee10cbea09c3e Size/MD5: 5198703 3b6b1742509f396d51528e0cd4c76a13 amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 318512 4ff8b15741e71ca1e3c638363b84aeae Size/MD5: 1234036 9e4b30bb8d89098395eed5e9b513bbc4 Size/MD5: 465838 5435b39d54406c4343580fb2f809fc5d i386 architecture (x86 compatible Intel/AMD): Size/MD5: 289274 c428747d01cd120b40a3dedd44c31f16 Size/MD5: 1169762 ac02e769b48cd2893ece7eac3255d690 Size/MD5: 428896 c64a8863384d1dc158235715f406e6a5 lpia architecture (Low Power Intel Architecture): Size/MD5: 287360 2d3766c5c6e202814dba2d8112b81356 Size/MD5: 1168018 01c76668fc8f19adc3aa781f9f4b1b17 Size/MD5: 425984 c0cf75eb2f9d329df75d657d31c6f3fc powerpc architecture (Apple Macintosh G3/G4/G5): Size/MD5: 319038 3a8849451868d3f8130fe672be42795b Size/MD5: 1233954 3bbd99735490dec55b767fa1cb726319 Size/MD5: 460092 80a46ecf08a5f01f9f5cb151c67c5733 sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 284242 c2ee3e14263c458bceef40caffecf807 Size/MD5: 1156416 fced6a8224a39c0d55394e91774009fa Size/MD5: 417652 5c122b6e9d4299715ac29d3d7d483ddf Updated packages for Ubuntu 9.10: Source archives: Size/MD5: 45252 1256d26ad9afa14e3288fd1e8e8cbc05 Size/MD5: 1483 98ba32796b4984691f2104888a2cd2e8 Size/MD5: 5391317 411b693bff73ed5461d1b07db2508349 amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 334704 037f7ca90b434879f8fbefbbdf36378a Size/MD5: 1246990 072e0ea6bb59fa3bbce4aff7b228a439 Size/MD5: 524584 e62719dafbd7c2c5f99dbff4337a2d95 i386 architecture (x86 compatible Intel/AMD): Size/MD5: 303270 c0e4aa5fcc89e00797b8c60d9b035290 Size/MD5: 1173948 fa77a48b18a4db35d6f28b576374d241 Size/MD5: 480382 9bb7f9b289720ed9938b07a9f7376825 lpia architecture (Low Power Intel Architecture): Size/MD5: 301810 ae46a0b80b14b8ab626019e6f097c588 Size/MD5: 1177912 d26646f1fff53447dda0e5b29464ff77 Size/MD5: 478874 0771937dc12c25738c5395357f75f0d3 powerpc architecture (Apple Macintosh G3/G4/G5): Size/MD5: 326554 02d61154b7f1a5d7c38a00b79356f3fd Size/MD5: 1231128 e08169b0356a24c0d445275044ae8cb4 Size/MD5: 509388 14bc48733e68c3d81b2c023740c1e749 sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 297952 8f11786784ff3a97571179469308f809 Size/MD5: 1171980 7345b4b22127438996a37bca1c54a742 Size/MD5: 466618 167455d92f7460df840e538792349f33 Updated packages for Ubuntu 10.04: Source archives: Size/MD5: 40744 9c03e96c6ecce9d40cea797553f87c5c Size/MD5: 1515 cccd0c5394961ac8bcaa423ee356e473 Size/MD5: 3982080 54732a0a76d59646b7e0b682fb357c22 amd64 architecture (Athlon64, Opteron, EM64T Xeon): Size/MD5: 328348 82f297f0a7bd001a778800919389431c Size/MD5: 1305582 eae9b9b47dc4560130407ac58eeb6d65 Size/MD5: 522872 94f2aed0e1e80cae50c3e28f46f0c9b8 i386 architecture (x86 compatible Intel/AMD): Size/MD5: 295938 c75aea5948dd4798dc75153c3d6ed24b Size/MD5: 1228066 24a6a91b9ac8360c7ee5f6d3487248d5 Size/MD5: 478024 4713ca65fa253846edb89e3650ba65cb powerpc architecture (Apple Macintosh G3/G4/G5): Size/MD5: 320314 bb07ee6c242de814bba3694594649e44 Size/MD5: 1288430 7acd42de75cf7cf217034045df7f7100 Size/MD5: 509500 03536d3309f849b078fc9825139f2998 sparc architecture (Sun SPARC/UltraSPARC): Size/MD5: 300336 d166d23c8fd65533290d65ee8759a072 Size/MD5: 1247550 c586ab10d264eceb9539ca95737d7f44 Size/MD5: 479072 5035985afcd16f0a08fa896fe5b14cc7