nschehovin at yahoo.com
2018-Jul-04 20:18 UTC
[CentOS] gpg2 (GnuPG) Security Update for CentOS 6.10
Where do I get an update for gpg2 (GnuPG) for CentOS 6.10 that is compliant with CVE-2018-12020? I'm trying to update gpg2 (GnuPG GNU Privacy Guard) on my fully updated CentOS 6.10 computer to comply with CVE-2018-12020. My system has gpg2 package? gnupg2-2.0.14-8.el6.x86_64.rpm This package does not appear to be compliant with CVE-2018-12020.? I can not find and update anywhere. I have tried downloading the upstream version 2.2.8 from GnuPG.org but am having trouble building it for CentOS 6.10 primarily due to a requirement for a newer version of glibc. I'm getting the error undefined reference to 'clock_gettime' and have not been able to resolve it Any suggestions on where to download the update or when an update might be available or how to build gpg2 version 2.2.8 for CentOS 6 is appreciated. Thanks,Ed
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 2018-07-04 at 20:18 +0000, nschehovin--- via CentOS wrote:> Where do I get an update for gpg2 (GnuPG) for CentOS 6.10 that is compliant > with CVE-2018-12020? > I'm trying to update gpg2 (GnuPG GNU Privacy Guard) on my fully updated CentOS > 6.10 computer to comply with CVE-2018-12020. My system has gpg2 package? > gnupg2-2.0.14-8.el6.x86_64.rpm > This package does not appear to be compliant with CVE-2018-12020.? I can not > find and update anywhere. I have tried downloading the upstream version 2.2.8 > from GnuPG.org but am having trouble building it for CentOS 6.10 primarily due > to a requirement for a newer version of glibc. I'm getting the error undefined > reference to 'clock_gettime' and have not been able to resolve it > > Any suggestions on where to download the update or when an update might be > available or how to build gpg2 version 2.2.8 for CentOS 6 is appreciated. > Thanks,Ed > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centosHi, This looks like it is in the works and may take a little time. References: https://access.redhat.com/security/cve/cve-2018-12020 https://bugzilla.redhat.com/show_bug.cgi?id=1589620 Regards Phil - -- *** If this is a mailing list, I am subscribed, no need to CC me.*** Playing the game for the games sake. IRC: kathenas Web: https://kathenas.org Github: https://github.com/kathenas GitLab: https://gitlab.com/kathenas Twitter: kathenasorg GPG: A0C3 4C6A AC2B B8F4 F1E5?EDF4 333F 60DC B0B9 BB77 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iQIcBAEBAgAGBQJbPTBkAAoJEDM/YNywubt3D0QP/164DSwRHiKt6uMylF76oAIN 6Cwr+1TgzHJiqp0so5Y2GvuBmfbU2K7nFKTrIF7hq/fn02sdvrU+S5xge2e0OHbC My94is11TrlqysK1DVRSWz1myaAD9onlQf9Z3/4B4ZN75Zkzw62Ct5akGcLu+cVR 6Mk22DqAnxl1W1TzB8VFUlaxbqXXTMypdfbuBiELJ3zJZwet4ITl//5W6fLlc62M 52/MKWQstoSNjssMlU0fJS5rwnwxo0ZG3pHlKr6zm9pi358OURImiKDY4BFty/pN nA58kNvTuTOozBgVaMMyX1w//gBVr05vS6KSlH1FZI3i7pG+jX3WtKYEoA+gFmZQ ZTXYOeHvGCPu5q3MjAFNeN8aqwcT77antFrzL8gUrnFl4WfXbRcPB7Y3Nm1nA86c UsrrRD61sQRVCYF3CbL2ldPkgc3eLl3zQ3WINKF3bkU0Ota8n4CPCtFmxtFqS5K3 vaidsmX8iiq/K7cACgIpJy5WSOldT49MVG1ujQCFNCPoesmjgea+kVU4KKEwpT8O 0Ond8/dvG7LSsLQCnhYeKyvhGLhsKHe098E10P+IIwu11iJ9228blxdoZhA80Ejd qB1E0ea7WtVNAyQrdBmUsKRieaWOWBHPsTh6KhgLqHoHrsgiRX8NPXIheNyfI6+w IYVkbyoIDz5Z8eo4TLoF =/OgR -----END PGP SIGNATURE-----