1.43. gnupg

An updated gnupg package that fixes a bug is now available.

GnuPG is a utility for encrypting data and creating digital signatures.

This package addresses the following bug:

* compressed, old-style Modification Detection Code (MDC) packets do not include length information and the decompressor uses an implicit end point. In some circumstances (message length was likely the determining circumstance) this could result in more bytes being supplied to the decompressor than were needed. This resulted in GnuPG failing to decrypt the file and returning an error as follows:

gpg: [don't know]: invalid packet (ctb=14)

With this update, the packet parsing was changed: MDC packets are now decoded independently and are no longer passed to the packet parser that lead to the errors. ( BZ#592845).

GnuPG users should upgrade to this updated package, which resolves this issue.