oss-sec mailing list archives
Re: Many vulnerabilities in GnuPG
From: Stephan Verbücheln <stephan () verbuecheln ch>
Date: Sun, 28 Dec 2025 08:30:31 +0100
Most of them are about unreliably displaying what was actually signed and vertified. The RCE bug was actually fixed as they already state in their slides. https://github.com/gpg/gnupg/commit/ad0c6c33c3d6fe7ff7cc8c2e73d02ead5788e5b3 The overall status is not good though. In total (in their slides): - 1 fixed - 1 mitigated - 3 unreleased patches in Git - 7 unpatched - 2 wontfox status. Regards
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- Re: safe use of cleartext signatures?, (continued)
- Re: safe use of cleartext signatures? Demi Marie Obenour (Dec 30)
- Re: safe use of cleartext signatures? Werner Koch (Dec 31)
- Re: Many vulnerabilities in GnuPG Lexi Groves (49016) (Dec 29)
- Re: Many vulnerabilities in GnuPG Henrik Ahlgren (Dec 29)
- Re: Many vulnerabilities in GnuPG Sam James (Dec 29)
- Re: Many vulnerabilities in GnuPG Jacob Bachmeyer (Dec 30)
- Re: Many vulnerabilities in GnuPG Demi Marie Obenour (Dec 30)
- Re: Many vulnerabilities in GnuPG Sam James (Dec 30)
- Re: Many vulnerabilities in GnuPG Jeffrey Walton (Dec 30)
- Re: Many vulnerabilities in GnuPG Andreas Metzler (Dec 29)
- Re: Many vulnerabilities in GnuPG Peter Gutmann (Dec 29)
- Re: Many vulnerabilities in GnuPG Demi Marie Obenour (Dec 30)
- Re: Many vulnerabilities in GnuPG Peter Gutmann (Dec 30)
- Re: Many vulnerabilities in GnuPG Henrik Ahlgren (Dec 30)
- Re: Many vulnerabilities in GnuPG Collin Funk (Dec 30)
- Re: Many vulnerabilities in GnuPG Peter Gutmann (Dec 31)
- Re: Many vulnerabilities in GnuPG Jeffrey Walton (Dec 28)