Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security Flaw Discovered in GPG

Posted by ryuzaki0 on Thursday March 9, 2006 @02:22PM from the enemy-within dept.

WeLikeRoy writes "A serious problem in the use of GPG to verify digital signatures has been discovered, which also affects the use of gpg in email. It is possible for an attacker to take any signed message and inject extra arbitrary data without affecting the signed status of the message. Depending on how gpg is invoked, it may be possible to output just faked data as several variants of this attack have been discovered. All versions of gnupg prior to 1.4.2.2 are affected, and it is thus recommended to update GnuPG as soon as possible to version 1.4.2.2."

3 of 151 comments (clear)

Min score:

Reason:

Sort:

Plus good Newspeak! by Un-Thesis · 2006-03-09 14:42 · Score: -1, Offtopic

Glad to see that Newspeak is in such vogue with the proletariat of today! Heil Bush, mein Weltführer!

Poll: Should Bush resign?

--
Promote freedom; fight fascism.
Eat, Drink, and be Merry by Un-Thesis · 2006-03-09 14:54 · Score: -1, Offtopic

At least you can laugh this off as if it were nothing. I'm just waiting for the economic crash to occur now that the housing bubble is leaking, war with Iran is imminent (promient Russian MP says March 31st (as did Scott Ritter), Bush gave 30-day ultimatum on the 4th.
As the saying goes, Let's eat drink and be merry, for tomorrow we die.
HopeSeekr of xMule

--
Promote freedom; fight fascism.
Re:Double Bag That Burger by tacolicker · 2006-03-09 18:35 · Score: -1, Offtopic

z0mG u R t3h 1337z0rz!!!!!!!!!!11!!~!~!0~!@!~1337z0rz!@!@! die fucktard nigger.