[TriLUG] gpg users beware

Rick DeNatale rick.denatale at gmail.com
Fri Mar 10 14:42:34 EST 2006

Previous message: [TriLUG] Best Linux Desktop and Desktop Apps?
Next message: [TriLUG] RHCE
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

It appears that there is a serious bug in the signature verification
of gnupg prior to version 1.4.2.2  which allows an attacker to inject
arbitrary unsigned data into a message with a signature which is NOT
detached.

http://lists.gnupg.org/pipermail/gnupg-announce/2006q1/000216.html
--
Rick DeNatale

Visit the Project Mercury Wiki Site
http://www.mercuryspacecraft.com/

Previous message: [TriLUG] Best Linux Desktop and Desktop Apps?
Next message: [TriLUG] RHCE
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the TriLUG mailing list