Evgeny Legerov discovered that gnupg, the GNU privacy guard, a free PGP replacement contains an integer overflow that can cause a segmentation fault and possibly overwrite memory via a large user ID string. For the old stable distribution (woody) this problem has been fixed in version 1.0.6-4woody6. For the stable distribution (sarge) this problem has been fixed in version 1.4.1-1.sarge4. For the unstable distribution (sid) this problem has been fixed in version 1.4.3-2. We recommend that you upgrade your gnupg package.
Evgeny Legerov discovered that gnupg, the GNU privacy guard, a free PGP replacement contains an integer overflow that can cause a segmentation fault and possibly overwrite memory via a large user ID string.
For the old stable distribution (woody) this problem has been fixed in version 1.0.6-4woody6.
For the stable distribution (sarge) this problem has been fixed in version 1.4.1-1.sarge4.
For the unstable distribution (sid) this problem has been fixed in version 1.4.3-2.
We recommend that you upgrade your gnupg package.
MD5 checksums of the listed files are available in the original advisory.