GnuPG 1.4/2.0 requires a patch for GCC 5
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| | gnupg (Ubuntu) |
Undecided
|
Unassigned | ||
| | gnupg2 (Ubuntu) |
Undecided
|
Marc Deslauriers | ||
Bug Description
Hello,
I am a upstream developer of GnuPG, and we got a bug report.
https:/
https:/
I committed a fix to upstream repository for 1.4 and 2.0.
Then, I realized that Ubuntu uses GCC 5 for building gnupg. Thus, reporting.
I'm not sure if this bug is reproducible on Ubuntu. It is reproducible on my Debian machine.
Please check.
| NIIBE Yutaka (gniibe) wrote : | #1 |
| summary: |
- GnuPG 1.4 requires a patch for GCC 5 + GnuPG 1.4/2.0 requires a patch for GCC 5 |
| Marc Deslauriers (mdeslaur) wrote : | #2 |
Thanks for reporting this. Looks like xenial already contains 1.4.20, which includes the fix.
I'll take care of fixing gnupg2.
| Changed in gnupg (Ubuntu): | |
| status: | New → Fix Released |
| Changed in gnupg2 (Ubuntu): | |
| status: | New → Confirmed |
| assignee: | nobody → Marc Deslauriers (mdeslaur) |
| Launchpad Janitor (janitor) wrote : | #3 |
This bug was fixed in the package gnupg2 - 2.0.28-3ubuntu2
---------------
gnupg2 (2.0.28-3ubuntu2) xenial; urgency=medium
* debian/
compiling with gcc 5. (LP: #1501634)
-- Marc Deslauriers <email address hidden> Tue, 09 Feb 2016 16:11:42 -0500
| Changed in gnupg2 (Ubuntu): | |
| status: | Confirmed → Fix Released |
This bug is fixed in upstream.
GnuPG 1.4:
http://
GnuPG 2.0:
http://
It had been fixed in development branch before, and the fix was intended to silence a warning at that time. Because of that, the commit log doesn't directly address it's a bug.
Now with GCC 5, we have a concrete example which hits the bug. Namely, OpenPGP-compliant valid signature might be
regected.