[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] SUSE Security Announcement: gpg,liby2util signature checking problems (SUSE-SA:2006:013)



On Mon, Mar 06, 2006 at 05:59:51PM +0100, Malte Gell wrote:
> On Wednesday 01 March 2006 10:24, Marcus Meissner wrote:
> 
> Hello,
> 
> >         Package:                gpg,liby2util
> >         Announcement ID:        SUSE-SA:2006:013
> >         Date:                   Wed, 01 Mar 2006 11:00:00 +0000
> >         Affected Products:      SUSE LINUX 10.0
> 
> the longer I think about this, the more this bug frightens me... For so 
> many years up to now it was possible to foist malicious code with 
> faulty gpg signatures... Has there ever been evidene that someone made 
> use of this terribly severe bug? 

We have no indication of this.

Ciao, Marcus

-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here