[sflack-security] gnupg (SFSA:2007-066-01)

[sflack-security]  gnupg (SFSA:2007-066-01)

In according to slackware-security a new gnupg package is available
for Sflack 11.0 to fix security ramifications of incorrect gpg usage.

More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1263

Here are the details from the Sflack 11.0 ChangeLog:
+--------------------------+
n/gnupg-1.4.7-x86_64-1_sflack11.0.tgz: Upgraded to gnupg-1.4.7.

* This fixes a security problem that can occur when GnuPG is used incorrectly.
Newer versions attempt to prevent such misuse.
For more information, see:
http://lists.gnupg.org/pipermail/gnupg-announce/2007q1/000251.html
(* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Updated package for Sflack 11.0:
ftp://ftp.slackarea.net/pub/sflack/sflack-11.0/patches/packages/gnupg-1.4.7-x86_64-1_sflack11.0.tgz


MD5 signatures:
+-------------+

Sflack 11.0 package:
4fe767baecec5191d56e7a6f4b1f9497 gnupg-1.4.7-x86_64-1_sflack11.0.tgz


Installation instructions:
+------------------------+

Upgrade the packages as root:
# upgradepkg gnupg-1.4.7-x86_64-1_sflack11.0.tgz


+-----+

Sflack Linux Security Team
http://sflack.com/gpg-key
security@sflack.com