Package: gnupg2 / 2.0.19-2+deb7u2

Metadata

Package Version Patches format
gnupg2 2.0.19-2+deb7u2 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
01 gnupg2 rename.diff | (download)

configure.ac | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

---
02 cve 2012 6085.diff | (download)

g10/import.c | 23 22 + 1 - 0 !
1 file changed, 22 insertions(+), 1 deletion(-)

 gpg: import only packets which are allowed in a keyblock.
03 cve 2013 4402_p1.diff | (download)

NEWS | 2 2 + 0 - 0 !
g10/mainproc.c | 52 43 + 9 - 0 !
2 files changed, 45 insertions(+), 9 deletions(-)

 [patch 1/2] gpg: fix bug with deeply nested compressed packets.

* g10/mainproc.c (MAX_NESTING_DEPTH): New.
(proc_compressed): Return an error code.
(check_nesting): New.
(do_proc_packets): Check packet nesting depth.  Handle errors from
check_compressed.

Signed-off-by: Werner Koch <wk@gnupg.org>

04 cve 2013 4402_p2.diff | (download)

common/iobuf.c | 11 11 + 0 - 0 !
g10/mainproc.c | 78 48 + 30 - 0 !
2 files changed, 59 insertions(+), 30 deletions(-)

 [patch 2/2] gpg: limit the nesting level of i/o filters.

* common/iobuf.c (MAX_NESTING_FILTER): New.
(iobuf_push_filter2): Limit the nesting level.

* g10/mainproc.c (mainproc_context): New field ANY.  Change HAVE_DATA
and ANY_SIG_SIGN to bit fields of ANY.  Add bit field
UNCOMPRESS_FAILED.
(proc_compressed): Avoid printing multiple Bad Data messages.
(check_nesting): Return GPG_ERR_BAD_DATA instead of UNEXPECTED_DATA.
--

This is a more general fix for the nested compression packet bug.  In
particular this helps g10/import.c:read_block to stop pushing
compression filters onto an iobuf stream.  This patch also reduces the
number of error messages for the non-import case.

Signed-off-by: Werner Koch <wk@gnupg.org>

05 cve 2013 4351.diff | (download)

g10/getkey.c | 8 7 + 1 - 0 !
include/cipher.h | 5 5 + 0 - 0 !
2 files changed, 12 insertions(+), 1 deletion(-)

---
06 cve 2014 4617.diff | (download)

g10/compress.c | 19 11 + 8 - 0 !
1 file changed, 11 insertions(+), 8 deletions(-)

 gpg: avoid infinite loop in uncompressing garbled packets.
X-Git-Tag: gnupg-2.0.24~14