Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Gentoo: GLSA-200602-10 Normal: GnuPG Incorrect Signature Verification

gentoo
Calendar Grey February 18, 2006
Dist Gentoo Esm H88
OpenSSL could potentially confuse programs regarding certificate validation. Be sure to update the affected libraries to uphold system integrity.
Applications relying on GnuPG to authenticate digital signatures may incorrectly believe a signature has been verified.

Summary

Gentoo Linux Security Advisory GLSA 200602-10 https://security.gentoo.org/ Severity: Normal Title: GnuPG: Incorrect signature verification Date: February 18, 2006 Bugs: #122721 ID: 200602-10

Synopsis ======= Applications relying on GnuPG to authenticate digital signatures may incorrectly believe a signature has been verified.
Background ========= GnuPG (The GNU Privacy Guard) is a free replacement for PGP (Pretty Good Privacy). As GnuPG does not rely on any patented algorithms, it can be used without any restrictions. gpgv is the OpenPGP signature verification tool provided by the GnuPG system.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 app-crypt/gnupg < 1.4.2.1 ...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo gnupg software update authentication flaw digital signatures normal severity

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory gentoo gnupg software update authentication flaw digital signatures normal severity

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here