Security Flaw Discovered in GPG : ImaWeblog

Security Flaw Discovered in GPG

Posted by Michael Fri, 10 Mar 2006 07:01:25 GMT

Security Flaw Discovered in GPG: “WeLikeRoy writes ‘A serious problem in the use of GPG to verify digital signatures has been discovered, which also affects the use of gpg in email. It is possible for an attacker to take any signed message and inject extra arbitrary data without affecting the signed status of the message. Depending on how gpg is invoked, it may be possible to output just faked data as several variants of this attack have been discovered. All versions of gnupg prior to 1.4.2.2 are affected, and it is thus recommended to update GnuPG as soon as possible to version 1.4.2.2.’“

(Via Slashdot.)

Posted in Security | no comments | no trackbacks

Comments

Trackbacks

Use the following link to trackback from your own site:
http://weblog.imapenguin.com/trackbacks?article_id=security-flaw-discovered-in-gpg&day=10&month=03&year=2006

RSS feed for this post trackback uri

Comments are disabled

Subscribe in a reader

ImaWeblog

Just waddling around