from gnupg.org:
Signature verification of non-detached signatures may give a positive
result but when extracting the signed data, this data may be prepended
or appended with extra data not covered by the signature. Thus it is
possible for an attacker to take any signed message and inject extra
arbitrary data.
The security issue is caused due to "gpgv" exiting with a return code
of 0 even if the detached signature file did not carry any signature.
This may result in certain scripts that use "gpgv" to conclude that
the signature is correctly verified.
More info: http://secunia.com/advisories/18845/
ok bernd@ pvalchev@
memory if swap encryption is disabled. (It's enabled by default.)
This supersedes pkg/MESSAGE.
Regen patches with update-patches while I'm here. Bump PKGNAME.
idea and ok espie@
A bug was discovered in the key validation code. This bug causes keys
with more than one user ID to give all user IDs on the key the amount
of validity given to the most-valid key.
http://marc.theaimsgroup.com/?l=bugtraq&m=105215110111174&w=2
--
MAINTAINER ok
- move idea patches to patches directory.
- remove unneeded patch-cipher_Makefile_am.
- remove deprecated NEED_VERSION.
you need an updated gas for this to work on i386.
discussed with reinhard@.
the 1.0.4 release and because the problem was later fixed in 1.0.5 (and
later versions). Here is a quote from the NEWS file about this issue:
--cut--
* WARNING: The semantics of --verify have changed to address a
problem with detached signature detection. --verify now ignores signed
material given on stdin unless this is requested by using a "-" as the
name for the file with the signed material. Please check all your
detached signature handling applications and make sure that they don't
pipe the signed material to stdin without using a filename together with
"-" on the the command line.
--cut--
The patch introduce a problem in the way verifying a signature returned
a value of 2 instead of 0 (when the signature was properly verified).
The symptom showed itself in mutt for example.
This problem was found by Anders Arnholm <anders@arnholm.nu>
markus@ asked me to commit this.
*) Fixed a format string bug which is exploitable if --batch is not used.
*) Checked all translations for format strings bugs.
*) Removed the Russian translation due to too many bugs.
*) Fixed keyserver access and expire time calculation.
ok maintainer
patch from:
Florian Weimer <Florian.Weimer@RUS.UNI-STUTTGART.DE>
# http://cert.uni-stuttgart.de/files/fw/gnupg-klima-rosa.diff
# http://cert.uni-stuttgart.de/files/fw/gnupg-klima-rosa.diff.asc
It introduces additional consistency checks, as suggested by the
authors of the paper. The checks are slightly different, but they
make the two additional attacks infeasible, I think. In the future,
it might be a good idea to add a check the generated signature for
validity, this will detect bugs in the MPI implementation which could
result in a revealed secret key, too.
ok markus@
