Mailing List Archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[tlug] Gnupg serious security bug.

It must be the week for security blunder discoveries.  GnuPG has one as

    Signature verification of non-detached signatures may give a positive
    result but when extracting the signed data, this data may be prepended
    or appended with extra data not covered by the signature. Thus it is
    possible for an attacker to take any signed message and inject extra
    arbitrary data.

It is fixed in version version



Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links