oss-sec mailing list archives

Re: Many vulnerabilities in GnuPG


From: Sam James <sam () gentoo org>
Date: Sun, 28 Dec 2025 11:38:29 +0000

Solar Designer <solar () openwall com> writes:

> On Sat, Dec 27, 2025 at 07:29:53PM -0500, Demi Marie Obenour wrote:
>> https://gpg.fail lists many vulnerabilities in GnuPG, one of which
>> allows remote code execution.  All are zero-days to the best of
>> my knowledge.
>
> Thanks.  I wish this were brought in here by the researchers, but since
> it was not and since we require actual content here (not just links),

Indeed. I'll note that several of the vulnerability pages (say
https://gpg.fail/sha1) have:

Upcoming Timeline:
[...]
21.12.2025: Disclosure of this report on https://seclists.org/fulldisclosure/

But I've not been able to find such a report there either.
