December 6, 2006

GnuPG GPG upgrade. Exploitable bug found

GnuPG (gpg) is the free and open source version of PGP (Pretty Good Privacy), used by many
Unix and Linux users. GnuPG encrypts messages using asymmetric keypairs individually generated by GnuPG users.

Security researchers at Gentoo have found a new exploitable bug in GnuPG.
A malformed GPG packet can modify and dereference a function pointer in GnuPG.
The bug is remotely exploitable, and it affects any use of GnuPG.

You can download GnuPG version 1.4.6 from ftp://ftp.gnupg.org/gcrypt/gnupg/
Updated vendor versions of GnuPG are not available yet, but should come very soon.
Check for updates regularly.

For more information, read the security researchers' announcement.

http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000245.html