gnupg2 2.2.4-1ubuntu1.1 source package in Ubuntu
Changelog
gnupg2 (2.2.4-1ubuntu1.1) bionic-security; urgency=medium
* SECURITY UPDATE: missing sanitization of verbose output
- debian/patches/from-master/CVE-2018-12020.patch: Sanitize diagnostic with
the original file name.
- CVE-2018-12020
* SECURITY UPDATE: certify public keys without a certify key present
when using a smartcard.
- debian/patches/from-master/CVE-2018-9234-1.patch,
- debian/patches/from-master/CVE-2018-9234-2.patch: Check that a key
may do certifications.
- CVE-2018-9234
* Always use MDC encryption mode regardless of the cipher algorithm
or any preferences. The --rfc2440 option can be used to create
a message without an MDC.
- debian/patches/from-master/0003-gpg-Remove-MDC-options.patch
* Decryption of messages not using the MDC mode into a hard
failure even if a legacy cipher algorithm was used. The
option --ignore-mdc-error can be used to turn this failure
into a warning.
- debian/patches/from-master/0001-gpg-Turn-no-mdc-warn-into-a-NOP.patch
- debian/patches/from-master/0003-gpg-Remove-MDC-options.patch
- debian/patches/from-master/0004-gpg-Print-a-hint-on-how-to-decrypt-a-non-mdc-message.patch
-- Steve Beattie <email address hidden> Sun, 10 Jun 2018 21:54:05 -0700
Upload details
- Uploaded by:
- Steve Beattie
- Uploaded to:
- Bionic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- utils
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| gnupg2_2.2.4.orig.tar.bz2 | 6.3 MiB | 401a3e64780fdfa6d7670de0880aa5c9d589b3db7a7098979d7606cec546f2ec |
| gnupg2_2.2.4.orig.tar.bz2.asc | 952 bytes | 30dd26e12b451e8f6799ba3a81449ed18db3d3e747820b237a39745ab264c899 |
| gnupg2_2.2.4-1ubuntu1.1.debian.tar.bz2 | 75.7 KiB | 1ba2d8ad61e99caf309288990f265269fe3363a7a1e4c79b672c0eae43b0f67a |
| gnupg2_2.2.4-1ubuntu1.1.dsc | 3.7 KiB | 46c737d2b5e2720c0b531d88e11cfc725386302de00960da57a1843c3b39a7e8 |
Available diffs
Binary packages built by this source
- dirmngr: GNU privacy guard - network certificate management service
dirmngr is a server for managing and downloading OpenPGP and X.509
certificates, as well as updates and status signals related to those
certificates. For OpenPGP, this means pulling from the public
HKP/HKPS keyservers, or from LDAP servers. For X.509 this includes
Certificate Revocation Lists (CRLs) and Online Certificate Status
Protocol updates (OCSP). It is capable of using tor for network
access.
.
dirmngr is used for network access by gpg, gpgsm, and dirmngr-client,
among other tools. Unless this package is installed, the parts of
the GnuPG suite that try to interact with the network will fail.
- dirmngr-dbgsym: debug symbols for dirmngr
- gnupg: GNU privacy guard - a free PGP replacement
GnuPG is GNU's tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed OpenPGP Internet standard as described in RFC4880.
.
This package contains the full suite of GnuPG tools for cryptographic
communications and data storage.
- gnupg-agent: GNU privacy guard - cryptographic agent (dummy transitional package)
GnuPG is GNU's tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed OpenPGP Internet standard as described in RFC4880.
.
This is a dummy transitional package; please use gpg-agent instead.
- gnupg-l10n: GNU privacy guard - localization files
GnuPG is GNU's tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed OpenPGP Internet standard as described in RFC 4880.
.
This package contains the translation files for the use of GnuPG in
non-English locales.
- gnupg-utils: GNU privacy guard - utility programs
GnuPG is GNU's tool for secure communication and data storage.
.
This package contains several useful utilities for manipulating
OpenPGP data and other related cryptographic elements. It includes:
.
* addgnupghome -- create .gnupg home directories
* applygnupgdefaults -- run gpgconf --apply-defaults for all users
* gpgcompose -- an experimental tool for constructing arbitrary
sequences of OpenPGP packets (e.g. for testing)
* gpgparsemail -- parse an e-mail message into annotated format
* gpgsplit -- split a sequence of OpenPGP packets into files
* gpg-zip -- encrypt or sign files in an archive
* kbxutil -- list, export, import Keybox data
* lspgpot -- convert PGP ownertrust values to GnuPG
* migrate-pubring- from-classic- gpg -- use only "modern" formats
* symcryptrun -- use simple symmetric encryption tool in GnuPG framework
* watchgnupg -- watch socket-based logs
- gnupg-utils-dbgsym: debug symbols for gnupg-utils
- gnupg2: GNU privacy guard - a free PGP replacement (dummy transitional package)
GnuPG is GNU's tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed OpenPGP Internet standard as described in RFC4880.
.
This is a dummy transitional package that provides symlinks from gpg2
to gpg.
- gpg: GNU Privacy Guard -- minimalist public key operations
GnuPG is GNU's tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed OpenPGP Internet standard as described in RFC4880.
.
This package contains /usr/bin/gpg itself, and is useful on its own
only for public key operations (encryption, signature verification,
listing OpenPGP certificates, etc). If you want full capabilities
(including secret key operations, network access, etc), please
install the "gnupg" package, which pulls in the full suite of tools.
- gpg-agent: GNU privacy guard - cryptographic agent
GnuPG is GNU's tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed OpenPGP Internet standard as described in RFC4880.
.
This package contains the agent program gpg-agent which handles all
secret key material for OpenPGP and S/MIME use. The agent also
provides a passphrase cache, which is used by pre-2.1 versions of
GnuPG for OpenPGP operations. Without this package, trying to do
secret-key operations with any part of the modern GnuPG suite will
fail.
- gpg-agent-dbgsym: debug symbols for gpg-agent
- gpg-dbgsym: debug symbols for gpg
- gpg-wks-client: GNU privacy guard - Web Key Service client
GnuPG is GNU's tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed OpenPGP Internet standard as described in RFC4880.
.
This package provides the GnuPG client for the Web Key Service
protocol.
.
A Web Key Service is a service that allows users to upload keys per
mail to be verified over https as described in
https://tools. ietf.org/ html/draft- koch-openpgp- webkey- service
.
For more information see: https://wiki.gnupg. org/WKS
- gpg-wks-client-dbgsym: debug symbols for gpg-wks-client
- gpg-wks-server: GNU privacy guard - Web Key Service server
GnuPG is GNU's tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed OpenPGP Internet standard as described in RFC4880.
.
This package provides the GnuPG server for the Web Key Service
protocol.
.
A Web Key Service is a service that allows users to upload keys per
mail to be verified over https as described in
https://tools. ietf.org/ html/draft- koch-openpgp- webkey- service
.
For more information see: https://wiki.gnupg. org/WKS
- gpg-wks-server-dbgsym: debug symbols for gpg-wks-server
- gpgconf: GNU privacy guard - core configuration utilities
GnuPG is GNU's tool for secure communication and data storage.
.
This package contains core utilities used by different tools in the
suite offered by GnuPG. It can be used to programmatically edit
config files for tools in the GnuPG suite, to launch or terminate
per-user daemons (if installed), etc.
- gpgconf-dbgsym: debug symbols for gpgconf
- gpgsm: GNU privacy guard - S/MIME version
GnuPG is GNU's tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed OpenPGP Internet standard as described in RFC4880.
.
This package contains the gpgsm program. gpgsm is a tool to provide
digital encryption and signing services on X.509 certificates and the
CMS protocol. gpgsm includes complete certificate management.
- gpgsm-dbgsym: debug symbols for gpgsm
- gpgv: GNU privacy guard - signature verification tool
GnuPG is GNU's tool for secure communication and data storage.
.
gpgv is actually a stripped-down version of gpg which is only able
to check signatures. It is somewhat smaller than the fully-blown gpg
and uses a different (and simpler) way to check that the public keys
used to make the signature are valid. There are no configuration
files and only a few options are implemented.
- gpgv-dbgsym: debug symbols for gpgv
- gpgv-static: minimal signature verification tool (static build)
GnuPG is GNU's tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed OpenPGP Internet standard as described in RFC 4880.
.
This is GnuPG's signature verification tool, gpgv, built statically
so that it can be directly used on any platform that is running on
the Linux kernel. Android and ChromeOS are two well known examples,
but there are many other platforms that this will work for, like
embedded Linux OSes. This gpgv in combination with debootstrap and
the Debian archive keyring allows the secure creation of chroot
installs on these platforms by using the full Debian signature
verification that is present in all official Debian mirrors.
- gpgv-static-dbgsym: debug symbols for gpgv-static
- gpgv-udeb: minimal signature verification tool
GnuPG is GNU's tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed OpenPGP Internet standard as described in RFC 4880.
.
This is GnuPG's signature verification tool, gpgv, packaged in minimal
form for use in debian-installer.
- gpgv-win32: GNU privacy guard - signature verification tool (win32 build)
GnuPG is GNU's tool for secure communication and data storage.
.
gpgv is a stripped-down version of gnupg which is only able to check
signatures. It is smaller than the full-blown gnupg and uses a
different (and simpler) way to check that the public keys used to
make the signature are trustworthy.
.
This is a win32 version of gpgv. It's meant to be used by the win32-loader
component of Debian-Installer.
- gpgv2: GNU privacy guard - signature verification tool (dummy transitional package)
GnuPG is GNU's tool for secure communication and data storage. gpgv
is a stripped-down version of gpg which is only able to check
signatures.
.
This is a dummy transitional package that provides symlinks from gpgv2
to gpgv.
- scdaemon: GNU privacy guard - smart card support
GnuPG is GNU's tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed OpenPGP Internet standard as described in RFC4880.
.
This package contains the smart card program scdaemon, which is used
by gpg-agent to access OpenPGP smart cards.
- scdaemon-dbgsym: debug symbols for scdaemon
