From 600b74f310f53548d99857f60949a7a697a35371 Mon Sep 17 00:00:00 2001
From: Aldas Nabazas <aldas@opensde.net>
Date: Sat, 26 Apr 2008 20:12:25 +0200
Subject: [PATCH] [gnupg2] Updated (2.0.7 -> 2.0.9) : SECURITY - HIGH

CVE-2008-1530 (High) :
GnuPG (gpg) 1.4.8 and 2.0.8 allows remote attackers to cause a denial of service (crash) and
possibly execute arbitrary code via crafted duplicate keys that are imported from key servers,
which triggers "memory corruption around deduplication of user IDs."
---
 security/gnupg2/gnupg2.desc | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/security/gnupg2/gnupg2.desc b/security/gnupg2/gnupg2.desc
index 9350cae87..cc428f5d4 100644
--- a/security/gnupg2/gnupg2.desc
+++ b/security/gnupg2/gnupg2.desc
@@ -2,7 +2,7 @@
 [COPY] This copyright note is auto-generated by ./scripts/Create-CopyPatch.
 [COPY]
 [COPY] Filename: package/.../gnupg2/gnupg2.desc
-[COPY] Copyright (C) 2006 - 2007 The OpenSDE Project
+[COPY] Copyright (C) 2006 - 2008 The OpenSDE Project
 [COPY] Copyright (C) 2004 - 2006 The T2 SDE Project
 [COPY]
 [COPY] More information can be found in the files COPYING and README.
@@ -28,8 +28,7 @@
 
 [L] GPL
 [S] Stable
-[V] 2.0.7
+[V] 2.0.9
 [P] X -----5---9 118.201
 
-[D] 4240175667 gnupg-2.0.7.tar.bz2 ftp://ftp.gnupg.org/gcrypt/gnupg/
-
+[D] 1538996167 gnupg-2.0.9.tar.bz2 ftp://ftp.gnupg.org/gcrypt/gnupg/