Operating System:

[Debian]

Published:

11 July 2006

Protect yourself against future threats.

//Service

Incident Management

Whether it is proactive or reactive services you're after, we will help you detect, interpret and respond to attacks from across the globe.

Read more
Resources > Security Bulletins > ESB-2006.0450 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                         ESB-2006.0450 -- [Debian]
                 New GnuPG packages fix denial of service
                               11 July 2006

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              gnupg
Publisher:            Debian
Operating System:     Debian GNU/Linux 3.1
                      Debian GNU/Linux 3.0
Impact:               Execute Arbitrary Code/Commands
                      Denial of Service
Access:               Remote/Unauthenticated
CVE Names:            CVE-2006-3082

Ref:                  ESB-2006.0431

Original Bulletin:    http://www.debian.org/security/2006/dsa-1107

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - --------------------------------------------------------------------------
Debian Security Advisory DSA 1107-1                    security@debian.org
http://www.debian.org/security/                             Martin Schulze
July 10th, 2006                         http://www.debian.org/security/faq
- - --------------------------------------------------------------------------

Package        : gnupg
Vulnerability  : integer overflow
Problem type   : local (remote)
Debian-specific: no
CVE ID         : CVE-2006-3082

Evgeny Legerov discovered that gnupg, the GNU privacy guard, a free
PGP replacement contains an integer overflow that can cause a
segmentation fault and possibly overwrite memory via a large user ID
strings.

For the old stable distribution (woody) this problem has been fixed in
version 1.0.6-4woody6.

For the stable distribution (sarge) this problem has been fixed in
version 1.4.1-1.sarge4.

For the unstable distribution (sid) this problem has been fixed in
version 1.4.3-2.

We recommend that you upgrade your gnupg package.


Upgrade Instructions
- - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given at the end of this advisory:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6.dsc
      Size/MD5 checksum:      577 40a60f7ff8a7c36e4ffb308caa350e70
    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6.diff.gz
      Size/MD5 checksum:     8597 add04b0a8c391de7134cca7c943d15d9
    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6.orig.tar.gz
      Size/MD5 checksum:  1941676 7c319a9e5e70ad9bc3bf0d7b5008a508

  Alpha architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_alpha.deb
      Size/MD5 checksum:  1151184 3c46ca0e7a42f819619ba2a021a38eb9

  ARM architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_arm.deb
      Size/MD5 checksum:   987554 843109424859d6a1006898419d6d642e

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_i386.deb
      Size/MD5 checksum:   966904 8ffd681040a2d466389f058e25ae29ae

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_ia64.deb
      Size/MD5 checksum:  1272488 5dcf85dd73bd2015438fd995a16762e5

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_hppa.deb
      Size/MD5 checksum:  1060316 22496f4150fd2334f7504deff0c474a1

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_m68k.deb
      Size/MD5 checksum:   942994 bc7eede5abdcbe721ff81a5e242ebfb6

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_mips.deb
      Size/MD5 checksum:  1036510 5e5824568a6a4b50851513c27db5a139

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_mipsel.deb
      Size/MD5 checksum:  1036966 792c1f9b0f61349001a789b08bf862d8

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_powerpc.deb
      Size/MD5 checksum:  1010208 6f1b3a058b7afab16a35ccba4d6b107e

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_s390.deb
      Size/MD5 checksum:  1002808 80b5ca38f239a23c8e2119b39966279b

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.0.6-4woody6_sparc.deb
      Size/MD5 checksum:  1003856 aa89804a111cdbede9845a8eb179f9d2


Debian GNU/Linux 3.1 alias sarge
- - --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4.dsc
      Size/MD5 checksum:      680 006a79b9793ba193aa227850c11984dd
    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4.diff.gz
      Size/MD5 checksum:    20197 488b0289778532beb0608b8dca7982a7
    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1.orig.tar.gz
      Size/MD5 checksum:  4059170 1cc77c6943baaa711222e954bbd785e5

  Alpha architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_alpha.deb
      Size/MD5 checksum:  2155794 cb1d024d2cae8c132bafe3422a2d1b3e

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_amd64.deb
      Size/MD5 checksum:  1963478 d0d3432b4b5968d2f837414b4202afe9

  ARM architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_arm.deb
      Size/MD5 checksum:  1899338 b670611700f39489ea99517eb50678a9

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_i386.deb
      Size/MD5 checksum:  1908580 0f8623e8b3a59e9c8101fa2f7c23f576

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_ia64.deb
      Size/MD5 checksum:  2325178 fb8ba4735f0769f7c21e974321bd7c89

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_hppa.deb
      Size/MD5 checksum:  2003982 14149a1cee79407a1f99e5ae340dd501

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_m68k.deb
      Size/MD5 checksum:  1811020 dc751374cc6f994782e7de9ed5fd77ea

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_mips.deb
      Size/MD5 checksum:  2000688 0d44abe0cc416c06d63699a6c77b232d

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_mipsel.deb
      Size/MD5 checksum:  2007524 e59ad95cf552d2a4cb31a11b4db50147

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_powerpc.deb
      Size/MD5 checksum:  1957934 62443926a7a4fe049e62a8515a0ecb27

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_s390.deb
      Size/MD5 checksum:  1967012 a6b8d7173799fc57e46456a305f97d78

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/g/gnupg/gnupg_1.4.1-1.sarge4_sparc.deb
      Size/MD5 checksum:  1897410 6f793e910bb6a793c96c875059626914


  These files will probably be moved into the stable distribution on
  its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEsk6lW5ql+IAeqTIRAtZ/AKCDGDZiFFPEC9Ur6q1Scb/NBXS6SACgj+Qb
2u+tl5LGg3pSDwiDgpZ/QpI=
=OGgG
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBRLL9Rih9+71yA2DNAQJbaQP/e1xkDLy8XCjXCiQh1qIJgG43+L5zNilO
jAw4iJEOMaJd8xH1k5fR/zHwMP5tMJE+9R4ZbhkNUyZ8YXFHNwRCtbdgxHvUH8w2
gAWX9u4DPzSHV50XuOIhMANQONa8XrFP+fQtfPEG3sG4lJ9eSJ/gSSLhMCqxVLud
7vu9r345cTE=
=cBvT
-----END PGP SIGNATURE-----