drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Fehler in Schlüsselvalidierung in gnupg
Name: |
Fehler in Schlüsselvalidierung in gnupg
|
|
ID: |
200305-04 |
|
Distribution: |
Gentoo |
|
Plattformen: |
Keine Angabe |
|
Datum: |
Sa, 17. Mai 2003, 13:00 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
The GNU Privacy Guard |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
-------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT 200305-04 --------------------------------------------------------------------
PACKAGE : gnupg SUMMARY : key validity bug DATE : 2003-05-16 11:55 UTC VERSIONS AFFECTED : <gnupg-1.2.2 FIXED VERSION : >=gnupg-1.2.2 CVE : CAN-2003-0255
--------------------------------------------------------------------
- From advisory:
"As part of the development of GnuPG 1.2.2, a bug was discovered in the key validation code. This bug causes keys with more than one user ID to give all user IDs on the key the amount of validity given to the most-valid key."
Read the full advisory at http://marc.theaimsgroup.com/?l=bugtraq&m=105215110111174&w=2
SOLUTION
It is recommended that all Gentoo Linux users who are running app-crypt/gnupg upgrade to gnupg-1.2.2 as follows:
emerge sync emerge gnupg emerge clean
-------------------------------------------------------------------- aliz@gentoo.org - GnuPG key is available at http://cvs.gentoo.org/~aliz -------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQE+xNHNfT7nyhUpoZMRAv6xAJ9Sbj96yso0kD1RVAR/fA2tF5Ce8ACfXfDZ e2eSXVOCMuGRNyE+d+Sr8Ck= =StRY -----END PGP SIGNATURE-----
|
|
|
|