pkgsrc-changes: CVS commit: pkgsrc/security/gnupg

Subject: CVS commit: pkgsrc/security/gnupg
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-changes
Date: 06/24/2006 14:20:29

Module Name:	pkgsrc
Committed By:	salo
Date:		Sat Jun 24 14:20:29 UTC 2006

Modified Files:
	pkgsrc/security/gnupg: Makefile distinfo
Added Files:
	pkgsrc/security/gnupg/patches: patch-ba

Log Message:
Security fix for CVE-2006-3082:

"parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions,
 allows remote attackers to cause a denial of service (gpg crash) and
 possibly overwrite memory via a message packet with a large length,
 which could lead to an integer overflow, as demonstrated using the
 --no-armor option."

Patch from GnuPG CVS repository.
Bump PKGREVISION.


To generate a diff of this commit:
cvs rdiff -r1.85 -r1.86 pkgsrc/security/gnupg/Makefile
cvs rdiff -r1.39 -r1.40 pkgsrc/security/gnupg/distinfo
cvs rdiff -r0 -r1.1 pkgsrc/security/gnupg/patches/patch-ba

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.