On Wed, 2 Aug 2006 21:37, Brian M. Carlson said:
> I am inclined to say that this is grave, but since gnupg tends to do
> memory allocation before it drops privileges, you might find that this
The allocation problem, which is overflow like
malloc(numbercontrolledbyuser+20), can only happen after
Hi,
I extracted a minimal patch from 1.4.5 for the Sarge security update.
This has been assigned CVE-2006-3746.
Thanks,
Martin
--
Martin Pitthttp://www.piware.de
Ubuntu Developer http://www.ubuntu.com
Debian Developer http://www.debian.org
In a world without walls and fences, who
Package: gnupg
Version: 1.4.3-2
Severity: grave
Tags: security
GnuPG 1.4.5 corrects some potential security problems in memory
allocation. From
http://lists.gnupg.org/pipermail/gnupg-announce/2006q3/000229.html :
* Fixed 2 more possible memory allocation attacks. They are
similar to t
3 matches
Mail list logo
