Debian Bug report logs - #401898
gnupg: remotely controllable function pointer


Package: gnupg; Maintainer for gnupg is Debian GnuPG-Maintainers <pkg-gnupg-maint@lists.alioth.debian.org>; Source for gnupg is src:gnupg.

Reported by: Edward Guldemond <edward.guldemond@gmail.com>

Date: Wed, 6 Dec 2006 17:48:02 UTC

Severity: grave

Tags: security, upstream

Merged with 401894, 401914

Found in versions gnupg/1.4.1-1, gnupg/1.4.5-3

Fixed in version 1.4.6-1

Done: Henrique de Moraes Holschuh <hmh@debian.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, Debian Security Team <team@security.debian.org>, James Troup <james@nocrew.org>:
Bug#401898; Package gnupg. Full text and rfc822 format available.

Acknowledgement sent to Edward Guldemond <edward.guldemond@gmail.com>:
New Bug report received and forwarded. Copy sent to Debian Security Team <team@security.debian.org>, James Troup <james@nocrew.org>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Edward Guldemond <edward.guldemond@gmail.com>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: gnupg: remotely controllable function pointer
Date: Wed, 06 Dec 2006 12:35:38 -0500
Package: gnupg
Version: 1.4.5-3
Severity: grave
Tags: security
Justification: user security hole

According to an email that was sent to the gnupg-announce mailing
list, the version of gnupg in unstable (as well as in stable) is
vulnerable to remote attack.  By introducing a malformed OpenPGP
packet, an attacker can dereference a function pointer in GnuPG which
can be used to control the data processed by GnuPG.  All versions before
1.4.6 are affected, and the recommended fix is to upgrade to 1.4.6.

-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-2-amd64
Locale: LANG=C, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages gnupg depends on:
ii  gpgv                         1.4.5-3     GNU privacy guard - signature veri
ii  libbz2-1.0                   1.0.3-6     high-quality block-sorting file co
ii  libc6                        2.3.6.ds1-8 GNU C Library: Shared libraries
ii  libldap2                     2.1.30-13.2 OpenLDAP libraries
ii  libreadline5                 5.2-1       GNU readline and history libraries
ii  libusb-0.1-4                 2:0.1.12-2  userspace USB programming library
ii  makedev                      2.3.1-83    creates device files in /dev
ii  zlib1g                       1:1.2.3-13  compression library - runtime

gnupg recommends no packages.

-- no debconf information
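The report says every gnupg version before 1.4.6 is affected and the record gives the fixed Debian version as 1.4.6-1, so the practical question for an administrator is whether the installed gnupg and gpgv packages sort below that version under Debian's version ordering (epoch, then upstream, then revision, with `~` sorting before everything). The following is an added example, not part of the bug report or of Debian's own tooling: it implements the dpkg comparison rules in Python and runs them over a constructed status listing based on the report's "Versions of packages" block (the `gnupg` line at 1.4.5-3 is added from the reported version; it is not in the original block).

```python
# Fixed version named in the bug record; everything earlier is affected.
FIXED_VERSION = "1.4.6-1"
# Binary packages built from src:gnupg that share the vulnerable parser.
GNUPG_BINARIES = {"gnupg", "gpgv"}

# Constructed sample: the report's dependency block plus a gnupg line at the
# reported version (1.4.5-3); the gnupg line is not in the original block.
SAMPLE_STATUS = """\
ii  gnupg                        1.4.5-3     GNU privacy guard - a free PGP replacement
ii  gpgv                         1.4.5-3     GNU privacy guard - signature veri
ii  libbz2-1.0                   1.0.3-6     high-quality block-sorting file co
ii  libc6                        2.3.6.ds1-8 GNU C Library: Shared libraries
ii  zlib1g                       1:1.2.3-13  compression library - runtime
"""


def _order(c):
    """dpkg character weight: '~' sorts before everything, even end of
    string; letters sort before non-letters."""
    if c == "~":
        return -1
    if c.isalpha():
        return ord(c)
    return ord(c) + 256


def _cmp_nondigit(a, b):
    """Compare two non-digit runs; a missing character weighs 0."""
    for i in range(max(len(a), len(b))):
        wa = _order(a[i]) if i < len(a) else 0
        wb = _order(b[i]) if i < len(b) else 0
        if wa != wb:
            return -1 if wa < wb else 1
    return 0


def _cmp_fragment(a, b):
    """Compare an upstream or revision string by alternating non-digit runs
    (dpkg weights) and digit runs (numerically)."""
    ia = ib = 0
    while ia < len(a) or ib < len(b):
        ja, jb = ia, ib
        while ja < len(a) and not a[ja].isdigit():
            ja += 1
        while jb < len(b) and not b[jb].isdigit():
            jb += 1
        r = _cmp_nondigit(a[ia:ja], b[ib:jb])
        if r:
            return r
        ia, ib = ja, jb
        while ja < len(a) and a[ja].isdigit():
            ja += 1
        while jb < len(b) and b[jb].isdigit():
            jb += 1
        na = int(a[ia:ja] or "0")
        nb = int(b[ib:jb] or "0")
        if na != nb:
            return -1 if na < nb else 1
        ia, ib = ja, jb
    return 0


def parse_version(v):
    """Split [epoch:]upstream[-revision] into its three parts."""
    epoch = 0
    if ":" in v:
        e, v = v.split(":", 1)
        epoch = int(e)
    upstream, sep, revision = v.rpartition("-")
    if not sep:
        upstream, revision = v, ""
    return epoch, upstream, revision


def compare_versions(a, b):
    """Return -1, 0 or 1, ordering versions the way dpkg does."""
    ea, ua, ra = parse_version(a)
    eb, ub, rb = parse_version(b)
    if ea != eb:
        return -1 if ea < eb else 1
    return _cmp_fragment(ua, ub) or _cmp_fragment(ra, rb)


def parse_status(text):
    """Map package name -> version for installed ('ii') lines."""
    pkgs = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) >= 3 and parts[0] == "ii":
            pkgs[parts[1]] = parts[2]
    return pkgs


def affected_packages(text, fixed=FIXED_VERSION):
    """Return (name, version) pairs from src:gnupg older than the fix."""
    return sorted((n, v) for n, v in parse_status(text).items()
                  if n in GNUPG_BINARIES and compare_versions(v, fixed) < 0)


if __name__ == "__main__":
    for name, version in affected_packages(SAMPLE_STATUS):
        print(f"{name} {version} is older than {FIXED_VERSION}: affected")
```

Feeding it the output of `dpkg -l gnupg gpgv` on a real host gives the same answer as `dpkg --compare-versions`, and the version comparison is the part worth getting right: a naive string or float comparison would rank a pre-release such as `1.4.6~rc1-1` above the fix and a later `1.4.10-1` below it.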



Tags added: upstream. Request was from Florian Weimer <fw@deneb.enyo.de> to control@bugs.debian.org. Full text and rfc822 format available.

Merged 401894 401898 401914. Request was from Florian Weimer <fw@deneb.enyo.de> to control@bugs.debian.org. Full text and rfc822 format available.

Forcibly Merged 401894 401898 401914. Request was from Andreas Barth <aba@not.so.argh.org> to control@bugs.debian.org. Full text and rfc822 format available.

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 24 Jun 2007 16:36:58 GMT) Full text and rfc822 format available.



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sun Apr 20 21:22:51 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.