Commit 90bb58d7 authored Jul 17, 2014 by Gustavo Zacarias Committed by Thomas Petazzoni Jul 17, 2014

gnupg: security bump to version 1.4.18



Fixes CVE-2014-4617 (The do_uncompress function in g10/compress.c
allows context-dependent attackers to cause a denial of service
(infinite loop) via malformed compressed packets, as demonstrated by an
a3 01 5b ff byte sequence.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>

parent 4ef1fb88

package/gnupg/gnupg.mk

+1 −1

Original line number	Diff line number	Diff line
		@@ -4,7 +4,7 @@
		#
		################################################################################

		GNUPG_VERSION = 1.4.17
		GNUPG_VERSION = 1.4.18
		GNUPG_SOURCE = gnupg-$(GNUPG_VERSION).tar.bz2
		GNUPG_SITE = ftp://ftp.gnupg.org/gcrypt/gnupg
		GNUPG_LICENSE = GPLv3+