Canonical Fixes GnuPG Vulnerability in All Ubuntu-Supported OSes

Users need to update their systems in order to fix the problem

By on June 27th, 2014 15:14 GMT

Canonical has published details in a security notice about a GnuPG vulnerability in Ubuntu 14.04 LTS, Ubuntu 13.10, Ubuntu 12.04 LTS, and Ubuntu 10.04 LTS operating systems that has been fixed.

The Ubuntu developers have closed a small vulnerability with GnuPG, and users have been advised to upgrade their systems as soon as possible.

According to the security notice, “Jean-René Reinhard, Olivier Levillain and Florian Maury discovered that GnuPG incorrectly handled certain OpenPGP messages. If a user or automated system were tricked into processing a specially-crafted message, GnuPG could consume resources, resulting in a denial of service.”

For a more detailed description of the problems, you can see Canonical's security notification. Users should upgrade their Linux distribution in order to correct this issue.

The flaw can be fixed if you upgrade your system(s) to the latest gnupg2 and gnupg packages specific to each distribution. To apply the patch, users can simply run the Update Manager application.

If you don't want to use the Software Updater, you can open a terminal and enter the following commands (you will need to be root):

code
sudo apt-get update
sudo apt-get dist-upgrade
In general, a standard system update will make all the necessary changes. You won't have to restart the PC in order to implement this fix.
Ubuntu 14.04 LTS
   Ubuntu 14.04 LTS
MORE ON THIS TOPIC
LATEST NEWS
HOT RIGHT NOW

Comments