Created attachment 351079 [details] Reproducer (Top level of tar is NOT A DIRECTORY. Unpack carefully) Confirmed for RHEL 5 as well. +++ This bug was initially created as a clone of Bug #510500 +++ Created an attachment (id=351077) Reproducer (Top level of tar is NOT A DIRECTORY. Unpack carefully) Description of problem: Decrypting certain data (length of message seems to be the determining factor) causes this error message: gpg: [don't know]: invalid packet (ctb=14) This patch seems to fix it for the customer: http://lists.gnupg.org/pipermail/gnupg-devel/2006-September/023180.html Version-Release number of selected component (if applicable): gnupg-1.2.6-9 How reproducible: Always Steps to Reproduce: 1. Unpack the attached tar in a new folder 2. Run: echo foobar | gpg -d --passphrase-fd 0 --homedir dot.gnupg --yes -o 2019.dat 2019.dat.gpg Actual results: Error message Expected results: The file is decrypted Additional info: Customer claims this also reproduces on RHEL 3 and 5. In the case of RHEL 5, I will clone the bug if I can reproduce it myself.
The patch used in 1.4.6 ended up being a bit different; we should use that one instead. Has a bit of overlap with changes to fix CVE-2006-6235, so needs a bit of adjusting.
Patch is here: https://bugzilla.redhat.com/show_bug.cgi?id=510500#c3