Re: #100409 GnuPG printf format string vulnerability

2001-06-11 Thread Florian Weimer
Wichert Akkerman <[EMAIL PROTECTED]> writes:

> Previously Florian Weimer wrote:
> > With GnuPG 1.0.4, the web of trust can be compromised by an attacker,
>
> How?

GnuPG 1.0.4 automatically assigns ultimate trust to public keys if a corresponding private key is present in the private key ring. W

Re: #100409 GnuPG printf format string vulnerability

2001-06-11 Thread Wichert Akkerman
Previously Florian Weimer wrote:
> With GnuPG 1.0.4, the web of trust can be compromised by an attacker,

How?

> and there's a pretty severe problem with detached signature
> verification.

That was fixed months ago, check the changelog.

Wichert.

-- __

Re: #100409 GnuPG printf format string vulnerability

2001-06-11 Thread Florian Weimer
Wouter Cloetens <[EMAIL PROTECTED]> writes:

> Extra details on the bug report for gnupg-1.04-2 can be found
> on http://www.securityfocus.com/bid/2797. Most distributions
> appear to have reported a security alert, but all recommend
> upgrading to 1.0.6. A backport for stable is in order, I
> gue

Re: #100409 GnuPG printf format string vulnerability

2001-06-10 Thread Wichert Akkerman
Previously Wouter Cloetens wrote:
> Extra details on the bug report for gnupg-1.04-2 can be found
> on http://www.securityfocus.com/bid/2797. Most distributions
> appear to have reported a security alert, but all recommend
> upgrading to 1.0.6. A backport for stable is in order,

It's being worked

#100409 GnuPG printf format string vulnerability

2001-06-10 Thread Wouter Cloetens
Extra details on the bug report for gnupg-1.04-2 can be found on http://www.securityfocus.com/bid/2797. Most distributions appear to have reported a security alert, but all recommend upgrading to 1.0.6. A backport for stable is in order, I guess...

bfn, Wouter

From: Ulrik De Bie <[EMAIL PROTECT
