Hi!
As you probably all know, a security problem with the compress library
zlib has been found which affects a lot of software. For details see:
http://www.zlib.org/advisory-2002-03-11.txt
and the security announcements for your OS.
GnuPG does also use zlib; however in most environments the system
provided zlib is used. So an update to this system library is
sufficient to fix the problem in GnuPG.
On systems without a installed zlib, the GnuPG build process
automatically includes the zlib copy which come with it. This may
also be forced by using the --with-included-zlib configure option.
On those systems, GnuPG needs to be updated! A patch with
instructions is attached to this mail.
Note, that the MS-Windows version is also affected by this bug; an
updated binary package will be available soon.
Werner
As you probably all know, a security problem with the compress library
zlib has been found which affects a lot of software. For details see:
http://www.zlib.org/advisory-2002-03-11.txt
and the security announcements for your OS.
GnuPG does also use zlib; however in most environments the system
provided zlib is used. So an update to this system library is
sufficient to fix the problem in GnuPG.
On systems without a installed zlib, the GnuPG build process
automatically includes the zlib copy which come with it. This may
also be forced by using the --with-included-zlib configure option.
On those systems, GnuPG needs to be updated! A patch with
instructions is attached to this mail.
Note, that the MS-Windows version is also affected by this bug; an
updated binary package will be available soon.
Werner
Attached Files:
-
gnupg-zlib.patch (9.92 KB)