Date: Fri, 27 Oct 2000 00:41:37 -0600 From: Kurt Seifried <seifried@SECURITYPORTAL.COM> Subject: LSLID:2000102702 - Kondara - gnupg To: LINUX-SECURITY@LISTSERV.SECURITYPORTAL.COM LSLID:2000102702 =============== gnupg(2000/10/24) Description The "gnupg" packages included in Kondara MNU/Linux 1.2 has a serious bug which could lead to false signature verification results when more than one signature is fed to gpg. You should update the following software packages. Thank you! RPMS/SRPMS ftp://ftp.jaist.ac.jp/pub/os/linux/kondara/Kondara-1.2/errata/security/alpha/gnu pg-1.0.4-1k.alpha.rpm ftp://ftp.jaist.ac.jp/pub/os/linux/kondara/Kondara-1.2/errata/security/i586/gnup g-1.0.4-1k.i586.rpm ftp://ftp.jaist.ac.jp/os/linux/kondara/Kondara-1.2/errata/security/SRPMS/SRPMS/g nupg-1.0.4-1k.nosrc.rpm