Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Gentoo GLSA-200603-08: GnuPG Signature Verification Issue Identified

gentoo
Calendar Grey March 10, 2006
Dist Gentoo Esm H88
OpenSSL might improperly authenticate altered data, prompting users to update to the most recent version for protection.
GnuPG may erroneously report a modified or unsigned message has a valid digital signature.

Summary

Gentoo Linux Security Advisory GLSA 200603-08 https://security.gentoo.org/ Severity: Normal Title: GnuPG: Incorrect signature verification Date: March 10, 2006 Bugs: #125217 ID: 200603-08

Synopsis ======= GnuPG may erroneously report a modified or unsigned message has a valid digital signature.
Background ========= The GNU Privacy Guard, GnuPG, is a free replacement for the PGP suite of cryptographic software that may be used without restriction, as it does not rely on any patented algorithms. GnuPG can be used to digitally sign messages, a method of ensuring the authenticity of a message using public key cryptography.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ----------------------------------------------...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory update gentoo gnupg digital signature normal severity signature issue

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory update gentoo gnupg digital signature normal severity signature issue

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here