Date: Tue, 2 Dec 2003 11:23:10 -0800 From: Brooks Davis <brooks@one-eyed-alien.net> To: Dorin H <bj93542@yahoo.com> Cc: freebsd-security@freebsd.org Subject: Re: GnuPG 1.2.3 vulnerable? Message-ID: <20031202192306.GB1326@Odin.AC.HMC.Edu> In-Reply-To: <20031202191638.42168.qmail@web12601.mail.yahoo.com> References: <20031202191638.42168.qmail@web12601.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--4SFOXa2GPu3tIq4H Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Dec 02, 2003 at 11:16:38AM -0800, Dorin H wrote: > Hi there, >=20 > Is the gpg FreeBSD port vulnerable to ElGamal signing > key disclosure problem? > Info: > http://lists.gnupg.org/pipermail/gnupg-announce/2003q4/000276.html The latest commit log says: *** Security Update (not fix, only workaround) *** Disable the ability to create signatures using the ElGamal sign+encrypt (type 20) keys as well as to remove the option to create such keys. -- Brooks --=20 Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 --4SFOXa2GPu3tIq4H Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE/zOaPXY6L6fI4GtQRAiMQAKCgI9hKWq0IWGQ75OjSBKLz0GX+aACfd99y vuVRIye9laEEpvPLTbmRCdU= =pJHx -----END PGP SIGNATURE----- --4SFOXa2GPu3tIq4H--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031202192306.GB1326>