Description: | Description:
The remote host is missing an update to gnupg announced via advisory FEDORA-2006-867.
GnuPG (GNU Privacy Guard) is a GNU utility for encrypting data and creating digital signatures. GnuPG has advanced key management capabilities and is compliant with the proposed OpenPGP Internet standard described in RFC2440. Since GnuPG doesn't use any patented algorithm, it is not compatible with any version of PGP2 (PGP2.x uses only IDEA for symmetric-key encryption, which is patented worldwide).
Update Information:
This update upgrades GnuPG to version 1.4.5 to correct errors in the parsing of certain types of packets. * Tue Aug 1 2006 Nalin Dahyabhai - 1.4.5-1 - update to 1.4.5, fixing additional size overflows in packet parsing (#200904, CVE-2006-3746) - temporarily disable curl support again * Fri Jul 28 2006 Nalin Dahyabhai - 1.4.4.90-1 - update to 1.4.5rc1 to check for build problems, but mark it as 1.4.4.90 to avoid looking newer than the eventual 1.4.5 - because we call aclocal, buildrequire gettext-devel to get AM_GNU_GETTEXT * Thu Jul 20 2006 Nalin Dahyabhai - 1.4.4-7 - add BuildPrereq on curl-devel to get curl's ipv6 support (#198375) * Wed Jul 12 2006 Nalin Dahyabhai - 1.4.4-6 - fix a cast in gpgkeys_hkp to avoid tripping stack smashing or buffer overflow detection (#198612) * Wed Jul 12 2006 Jesse Keating - 1.4.4-5.1 - rebuild * Wed Jul 5 2006 Nalin Dahyabhai - 1.4.4-5 - try again using per-platform buildprereq (jkeating) * Wed Jul 5 2006 Nalin Dahyabhai - 1.4.4-4 - buildprereq libusb-devel, so that we get CCID support back (#197450)
Solution: Apply the appropriate updates.
This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/.
https://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2006-867
Risk factor : Medium
CVSS Score: 5.0
|