On Mon, 27 Nov 2006 21:05, [EMAIL PROTECTED] said:
> Will this lead to a 1.4.6 / 2.0.1 release anytime soon or is the bug
> not serious enough for that?
Yes. This week.
Salam-Shalom,
Werner
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
htt
GnuPG 1.4 and 2.0 buffer overflow
==
Summary
===
While fixing a bug reported by Hugh Warrington, a buffer overflow has
been identified in all released GnuPG versions. The current versions
1.4.5 and 2.0.0 are affected. A small patch is p
Werner Koch wrote:
>While fixing a bug reported by Hugh Warrington, a buffer overflow has
>been identified in all released GnuPG versions. The current versions
>1.4.5 and 2.0.0 are affected. A small patch is provided.
Will this lead to a 1.4.6 / 2.0.1 release anytime soon or is the bug
not seri
Peter Lebbing wrote:
> That's too bad. Someone suggested (off-list) to use Cygwin, but IIRC the
> Cygwin version can't access USB devices... but if it is possible to use
> serial-port devices (after all, that structure is less complex), I could
> hook up the SPR 532 to the serial port. Does anybod
Nico Schottelius wrote:
>When I encrypt and sign a message, is the signature also
>crypted or is it around the encrypted part?
It is first signed and then encrypted. Since the information who signed the
message might be sensitive too this makes sense.
--
ir. J.C.A. Wevers // Physics an
On Mon, Nov 27, 2006 at 03:25:45PM +0100, Nico Schottelius wrote:
> When I encrypt and sign a message, is the signature also
> crypted or is it around the encrypted part?
It is encrypted also. OpenPGP encrypted and signed messages are:
Encrypt ( Sign ( Message) )
David
__
When I encrypt and sign a message, is the signature also
crypted or is it around the encrypted part?
--
``...if there's one thing about Linux users, they're do-ers, not whiners.''
(A quotation of Andy Patrizio I completely agree with)
signature.asc
Description: Digital signature
___
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
First off, I noticed I accidentally replied only to Werner and not to
the list. My previous post:
Peter Lebbing wrote:
> Werner Koch wrote:
>>> Is it possible to backport this (or just the SPR 532 code) to GnuPG 1.4?
>>
>> No, that is not possible.
>
On Sat, 25 Nov 2006 16:07, [EMAIL PROTECTED] said:
> Is it possible to backport this (or just the SPR 532 code) to GnuPG 1.4?
No, that is not possible.
Shalom-Salam,
Werner
___
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.or
