[SECURITY] Fedora 20 Update: gnupg2-2.0.27-1.fc20

updates at fedoraproject.org updates at fedoraproject.org
Wed Apr 22 22:38:03 UTC 2015 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-5969
2015-04-11 04:33:19
--------------------------------------------------------------------------------

Name        : gnupg2
Product     : Fedora 20
Version     : 2.0.27
Release     : 1.fc20
URL         : http://www.gnupg.org/
Summary     : Utility for secure communication and data storage
Description :
GnuPG is GNU's tool for secure communication and data storage.  It can
be used to encrypt data and to create digital signatures.  It includes
an advanced key management facility and is compliant with the proposed
OpenPGP Internet standard as described in RFC2440 and the S/MIME
standard as described by several RFCs.

GnuPG 2.0 is a newer version of GnuPG with additional support for
S/MIME.  It has a different design philosophy that splits
functionality up into several modules. The S/MIME and smartcard functionality
is provided by the gnupg2-smime package.

--------------------------------------------------------------------------------
Update Information:

Updated package from upstream fixing minor security issues.

--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 10 2015 Tomáš Mráz <tmraz at redhat.com> - 2.0.27-1
- new upstream release fixing minor security issues
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.0.25-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Tue Aug  5 2014 Tomáš Mráz <tmraz at redhat.com> - 2.0.25-1
- new upstream release fixing a minor regression introduced by the previous one
- add --file-is-digest option needed for copr
* Sat Jul 12 2014 Tom Callaway <spot at fedoraproject.org> - 2.0.24-2
- fix license handling
* Wed Jun 25 2014 Tomáš Mráz <tmraz at redhat.com> - 2.0.24-1
- new upstream release fixing CVE-2014-4617
* Sat Jun  7 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.0.22-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Wed May  7 2014 Tomáš Mráz <tmraz at redhat.com> - 2.0.22-3
- do not dump core if hash algorithm not available in the FIPS mode
* Tue Mar  4 2014 Tomáš Mráz <tmraz at redhat.com> - 2.0.22-2
- rebuilt against new libgcrypt
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1178759 - gnupg2: double free in cmd_readkey()
        https://bugzilla.redhat.com/show_bug.cgi?id=1178759
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update gnupg2' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list