gnupg
Page content
- Author: voroskoi
- Vulnerable: 1.4.5-3siwenna1
- Unaffected: 1.4.5-4siwenna1
Gerardo Richarte from Core Security Technologies identified a problem when using GnuPG in streaming mode. The problem is actually a variant of a well known problem in the way signed material is presented in a MUA. It is possible to insert additional text before or after a signed (or signed and encrypted) OpenPGP message and make the user believe that this additional text is also covered by the signature.
- Bug Tracker URL: http://bugs.frugalware.org/task/1784