l i n u x - u s e r s - g r o u p - o f - d a v i s
Next Meeting:
July 7: Social gathering
Next Installfest:
Latest News:
Jun. 14: June LUGOD meeting cancelled
Page last updated:
2003 May 05 14:14

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox] [Fwd: Key validity bug in GnuPG 1.2.1 and earlier]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox] [Fwd: Key validity bug in GnuPG 1.2.1 and earlier]

begin ME <dugan@passwall.com> 
> I know many of you use GPG, so I'm passing this on. This is likely not a
> serious issue for most of you. FYI:
> ---------------------------- Original Message ----------------------------
> Subject: Key validity bug in GnuPG 1.2.1 and earlier
> From:    "David Shaw" <dshaw@jabberwocky.com>
> Date:    Sat, May 3, 2003 18:35
> To:      bugtraq@securityfocus.com
> --------------------------------------------------------------------------
> As part of the development of GnuPG 1.2.2, a bug was discovered in the key
> validation code.  This bug causes keys with more than one user ID to give
> all user IDs on the key the amount of validity given to the most-valid
> key.

> This bug has been fixed in the newly released GnuPG 1.2.2, and
> upgrading is the recommended fix for this problem.

nota bene: both debian/testing and debian/unstable are currently at gnupg/1.2.1.
debian/stable is at gnupg/1.0.6.

so all three branches are vulnerable.


GPG Instructions: http://www.dirac.org/linux/gpg
GPG Fingerprint: B9F1 6CF3 47C4 7CD8 D33E 70A9 A3B9 1945 67EA 951D
vox mailing list

LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Appahost Applications
For a significant contribution towards our projector, and a generous donation to allow us to continue meeting at the Davis Library.