SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for gnupg-1.4.7-2tr.i586.rpm :
Thu Jul 19 14:00:00 2007 Nived Gopalan 1.4.7-2tr
- Rebuild with new cURL.

Fri Mar 9 13:00:00 2007 Nived Gopalan 1.4.7-1tr
- New Upstream.
- SECURITY Fix: GnuPG 1.4.6 and earlier, when run from the command
line, does not visually distinguish signed and unsigned portions
of OpenPGP messages with multiple components, which might allow
remote attackers to forge the contents of a message without detection.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2007-1263 to this issue.

Mon Feb 26 13:00:00 2007 Nived Gopalan
- Rebuilt

Fri Dec 8 13:00:00 2006 Nived Gopalan 1.4.6-1tr
- New Upstream.
- SECURITY Fix: Tavis Ormandy has reported a vulnerability in GnuPG,
caused due to an error within the decryption of malformed OpenPGP
messages. This can be exploited to corrupt memory when decrypting
a specially crafted OpenPGP message.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2006-6235 to this issue.

Tue Nov 28 13:00:00 2006 Nived Gopalan 1.4.5-2tr
- SECURITY Fix: Fixed buffer overflow occurring in openfile.c if
make_printable_string returns a longer string.

Mon Aug 7 14:00:00 2006 Nived Gopalan 1.4.5-1tr
- New Upstream.
- SECURITY Fix: Evgeny Legerov has reported a vulnerability in GnuPG,
caused due to an input validation error in parse_packet.c when
handling certain message packets. This can be exploited to cause
GnuPG to consume large amounts of memory or crash via an overly
long comment length in a message packet. This can further be
exploited to cause an integer overflow, which leads to possible
memory corruption and crashes GnuPG.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2006-3746 to this issue.

Thu Jul 13 14:00:00 2006 Nived Gopalan 1.4.4-1tr
- New Upstream.
- SECURITY Fix: A vulnerability has been reported in GnuPG, cause due
to an input validation error within \"parse-packet.c\" when handling
the length of a message packet. This can be exploited to cause gpg
to consume large amount of memory or crash via an overly large packet
length in a message packet. This can be further exploited to cause an
integer overflow which leads to a possible memory corruption that
crashes gpg.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2006-3082 to this issue.

Mon Mar 13 13:00:00 2006 Nived Gopalan 1.4.2.2-1tr
- New Upstream.
- SECURITY Fix: Tavis Ormandy has reported a vulnerability in GnuPG,
which can be exploited by malicious people to bypass certain security
restrictions. The vulnerability is caused due to an error in the
detection of unsigned data which makes it possible to inject arbitrary
data into a signed message and affects the verification of non-detached
signatures and signatures embedded in encrypted messages.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2006-0049 to this issue.

Wed Feb 15 13:00:00 2006 Nived Gopalan 1.4.2.1-1tr
- New Upstream.
- SECURITY Fix: Taviso has reported a verification weakness in gpgv where
some input could lead to gpgv exiting with 0 even if the detached
signature file did not carry any signature.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2006-0455 to this issue.

Fri Jun 10 14:00:00 2005 Oystein Viggen 1.4.1-6tr
- Fixed fixed unpackaged files

Tue Apr 12 14:00:00 2005 Raghu 1.4.1-4tr
- Rebuilt for openldap-2.2.24

Mon Apr 11 14:00:00 2005 Raghu 1.4.1-3tr
- Rebuilt for openldap-2.2.9

Thu Apr 7 14:00:00 2005 Syed Shabir Zakiullah 1.4.1-2tr
- Rebuilt against new readline

Thu Mar 17 13:00:00 2005 Lakshmi Dinamoni 1.4.1-1tr
- New Upstream
- Fixed unpackaged files

Mon Feb 21 13:00:00 2005 Raghu 1.4.0-1tr
- New Upstream

Thu Sep 23 14:00:00 2004 Syed Shabir 1.2.6-1tr
- New upstream

Tue Jan 27 13:00:00 2004 Erlend Midttun 1.2.4-1tr
- New upstream.

Wed Nov 26 13:00:00 2003 Erlend Midttun 1.2.3-1em
- New upstream.

Fri Oct 31 13:00:00 2003 Chr. Toldnes 1.2.2-6tr
- Backport (new gpg key)

Sun Sep 28 14:00:00 2003 Chr. Toldnes 1.2.2-5tsl
- Port to tawie

Mon Jun 23 14:00:00 2003 Erlend Midttun 1.2.2-4tr
- Added %defattr.

Wed Jun 18 14:00:00 2003 Erlend Midttun 1.2.2-3tr
- Big rebuild

Mon Jun 2 14:00:00 2003 Erlend Midttun 1.2.2-2em
- Fixed filelist.

Wed May 28 14:00:00 2003 Erlend Midttun 1.2.2-1em
- New upstream.

Mon Mar 24 13:00:00 2003 Erlend Midttun 1.2.1-4em
- Rebuilt against glibc 2.3.2.

Mon Mar 24 13:00:00 2003 Goetz Bock 1.2.1-3bg
- removed locals
- splitted additional key-fetchers into own package
- little specfile cleanups

Tue Mar 11 13:00:00 2003 Erlend Midttun 1.2.1-2em
- Cleaned up %doc

Tue Feb 25 13:00:00 2003 Erlend Midttun 1.2.1-1em
- New upstream version.

Mon Jun 3 14:00:00 2002 Erlend Midttun
- New upstream version.

Fri Mar 1 13:00:00 2002 Christian H. Toldnes
- gpg-trustix-sign update.
- Package cleanup.

Tue Jun 5 14:00:00 2001 Erlend Midttun
- As pointed out by Bruno Postle, RSA is now supported.

Thu May 31 14:00:00 2001 Erlend Midttun
- Upgraded to 1.0.6 to fix format string bug.

Wed Dec 20 13:00:00 2000 Oystein Viggen
- Import two patches from RH to fix bugs with importing private keys and
checking detached signatures.

Fri Oct 27 14:00:00 2000 Erlend Midttun
- Some mv error in spec file breaking upgrade.

Wed Oct 18 14:00:00 2000 Erlend Midttun
- Picked up 1.0.4 which fixes a bug with regards to serveral signatures
in the same file. Bugtraq.

Fri Sep 15 14:00:00 2000 Per Ivar Paulsen
- Picked up 1.02

Fri Jun 16 14:00:00 2000 Oystein Viggen
- fix a slight bug in adding the public key to the chain
- hack around bogosity with roots homedir being / during install

Wed May 3 14:00:00 2000 Lars Gaarden
- added the Trustix public signature key

Sat May 29 14:00:00 1999 Fabio Coatti
- Some corrections in French description, thanks to
Ga�l Qu�ri

Mon May 17 14:00:00 1999 Fabio Coatti
- Added French description, provided by
Christophe Labouisse

Thu May 6 14:00:00 1999 Fabio Coatti
- Upgraded for 0.9.6 (removed gpgm)

Tue Jan 12 13:00:00 1999 Fabio Coatti
- LINGUAS variable is now unset in configure to ensure that all
languages will be built. (Thanks to Luca Olivetti )

Sat Jan 2 13:00:00 1999 Fabio Coatti
- Added pl language file.
- Included g10/pubring.asc in documentation files.

Sat Dec 19 13:00:00 1998 Fabio Coatti
- Modified the spec file provided by Caskey L. Dickson

- Now it can be built also by non-root. Installation has to be done as
root, gpg is suid.
- Added some changes by Ross Golder
- Updates for version 0.4.5 of GnuPG (.mo files)


  
ICM