oss-sec mailing list archives
Re: Many vulnerabilities in GnuPG
From: Salvatore Bonaccorso <carnil () debian org>
Date: Mon, 29 Dec 2025 07:06:27 +0100
Hi, FTR, these two got CVE assignments so far: On Sun, Dec 28, 2025 at 12:47:30AM -0600, Jacob Bachmeyer wrote: [...]
Item 3: Cleartext Signature Plaintext Truncated for Hash Calculation
https://gpg.fail/formfeed https://www.cve.org/CVERecord?id=CVE-2025-68972
Item 5: Memory Corruption in ASCII-Armor Parsing
https://gpg.fail/memcpy https://www.cve.org/CVERecord?id=CVE-2025-68973 Regards, Salvatore
Current thread:
- Many vulnerabilities in GnuPG Demi Marie Obenour (Dec 27)
- Re: Many vulnerabilities in GnuPG Solar Designer (Dec 27)
- Re: Many vulnerabilities in GnuPG Solar Designer (Dec 27)
- Re: Many vulnerabilities in GnuPG Jacob Bachmeyer (Dec 27)
- Re: Many vulnerabilities in GnuPG Salvatore Bonaccorso (Dec 28)
- Re: Many vulnerabilities in GnuPG Werner Koch (Dec 29)
- Re: Many vulnerabilities in GnuPG Demi Marie Obenour (Dec 29)
- Re: safe use of cleartext signatures? (was: Many vulnerabilities in GnuPG) Jacob Bachmeyer (Dec 30)
- Re: safe use of cleartext signatures? Werner Koch (Dec 30)
- Re: safe use of cleartext signatures? Demi Marie Obenour (Dec 30)
- Re: safe use of cleartext signatures? Werner Koch (Dec 31)
- Re: Many vulnerabilities in GnuPG Solar Designer (Dec 27)
- Re: Many vulnerabilities in GnuPG Lexi Groves (49016) (Dec 29)
- Re: Many vulnerabilities in GnuPG Henrik Ahlgren (Dec 29)
- Re: Many vulnerabilities in GnuPG Sam James (Dec 29)
- Re: Many vulnerabilities in GnuPG Jacob Bachmeyer (Dec 30)