23 Commits

Author SHA1 Message Date
brad
9f40457b1b run these tests as part of the regression target. 2003-06-09 17:24:47 +00:00
brad
2bbfff1f3a upgrade to gnupg 1.2.2
A bug was discovered in the key validation code.  This bug causes keys
with more than one user ID to give all user IDs on the key the amount
of validity given to the most-valid key.

http://marc.theaimsgroup.com/?l=bugtraq&m=105215110111174&w=2
--
MAINTAINER ok
2003-05-27 14:54:43 +00:00
pvalchev
826d00d2e7 adapt to new gas syntax for i386's switch to ELF 2003-04-17 08:24:03 +00:00
reinhard
10eeb924d6 no longer used idea flavour patches 2003-02-14 12:25:32 +00:00
pvalchev
de5a1ce02c cast NULL sentinel to void * so it is 64bit on alpha & sparc64 2002-12-28 23:29:13 +00:00
mark
e05b6552dc gnupg-1.2.1 update
tested on macppc, i386

ok reinhard@
2002-11-16 05:02:21 +00:00
drahn
2218d43562 powerpc does require pic flags when building shared library, do not remove
them during config. ok pvalchev@
2002-09-30 00:31:30 +00:00
naddy
1c61fd68ae Fix idea flavor: Revive patch to cipher/Makefile.am because configure
extracts the list of modules to build from there.  Sic.
2002-07-28 15:01:26 +00:00
fgsch
9ce3618d95 - use in tree gas, thus removing binutils dependency.
- move idea patches to patches directory.
- remove unneeded patch-cipher_Makefile_am.
- remove deprecated NEED_VERSION.

you need an updated gas for this to work on i386.
discussed with reinhard@.
2002-07-19 19:27:42 +00:00
reinhard
1a9bf6a6cb update to gnupg-1.0.7; thx Nikolay Sturm
* use 'as' of new binutils on non elf-toolchain archs

see http://lists.gnupg.org/pipermail/gnupg-announce/2002q2/000251.html
for a list of changes
2002-07-05 07:13:00 +00:00
lebel
33f764e47a Removed patch-g10_mainproc.c mostly because this patch was related to
the 1.0.4 release and because the problem was later fixed in 1.0.5 (and
later versions).  Here is a quote from the NEWS file about this issue:

--cut--
* WARNING: The semantics of --verify have changed to address a
problem with detached signature detection. --verify now ignores signed
material given on stdin unless this is requested by using a "-" as the
name for the file with the signed material.  Please check all your
detached signature handling applications and make sure that they don't
pipe the signed material to stdin without using a filename together with
"-" on the command line.
--cut--

The patch introduced a problem in the way verifying a signature returned
a value of 2 instead of 0 (when the signature was properly verified).
The symptom showed itself in mutt for example.

This problem was found by Anders Arnholm <anders@arnholm.nu>

markus@ asked me to commit this.
2001-08-22 15:22:40 +00:00
pvalchev
db891178f7 correct asm-syntax for powerpc. pointed by drahn, ok markus 2001-08-09 16:48:35 +00:00
reinhard
9879992112 update to gnupg-1.0.6; SECURITY FIX
*) Fixed a format string bug which is exploitable if --batch is not used.
*) Checked all translations for format strings bugs.
*) Removed the Russian translation due to too many bugs.
*) Fixed keyserver access and expire time calculation.

ok maintainer
2001-06-05 09:19:05 +00:00
jakob
436c5ffef5 update to v1.0.5. ok markus@. 2001-05-23 15:28:49 +00:00
reinhard
36bdf033ff SECURITY UPDATE (Klima-Rosa attack)
patch from:
Florian Weimer <Florian.Weimer@RUS.UNI-STUTTGART.DE>
# http://cert.uni-stuttgart.de/files/fw/gnupg-klima-rosa.diff
# http://cert.uni-stuttgart.de/files/fw/gnupg-klima-rosa.diff.asc

It introduces additional consistency checks, as suggested by the
authors of the paper.  The checks are slightly different, but they
make the two additional attacks infeasible, I think.  In the future,
it might be a good idea to add a check of the generated signature for
validity, this will detect bugs in the MPI implementation which could
result in a revealed secret key, too.


ok markus@
2001-03-23 13:10:20 +00:00
reinhard
f4aa1ff9a5 o) minor fix for one of the MASTER_SITES; Pete Fritchman <petef@databits.net>
o) use /dev/arandom; suggested by markus@
o) add idea FLAVOR; suggested by markus@
o) add another MASTER_SITE
o) bump NEED_VERSION
2001-03-03 17:17:28 +00:00
reinhard
5e2899097a Security update, from the original patch:
It has been pointed out that there is another bug in the signature
verification code of GnuPG.

         * This can easily lead to false positives *

All versions of GnuPG released before today are vulnerable!

To check a detached signature you normally do this:

  gpg --verify foo.sig foo.txt

The problem here is that someone may replace foo.sig with a standard
signature containing some arbitrary signed text and its signature,
and then modify foo.txt - GnuPG does not detect this - Ooops.

The solution for this problem is not easy and needs a change in the
semantics of the --verify command: It will not any longer be
possible to do this:

  gpg --verify foo.sig <foo.txt

Instead you have to use this

  gpg --verify foo.sig - <foo.txt

The difference here is that gpg sees 2 files on the command lines
and thereby knows that it should check a detached signature.  We
really need this information and there is no way to avoid that
change, sorry.  You should make sure that you never use the first
form, because this will lead to false positives when foo.sig is not
a detached signature - gnupg does detect the other case and warns
you, but this is not sufficient.  If you use GnuPG from other
applications, please change it.

ok markus@
2000-12-23 15:20:59 +00:00
markus
07aae00303 security update, since 1.0.3 does not detect modifications of files with multiple signatures 2000-10-30 12:52:32 +00:00
brad
37e77d5814 upgrade to gnupg 0.9.10 1999-08-04 22:41:02 +00:00
brad
040cb584ca upgrade to GNUPG 0.9.9; -
Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
1999-07-25 23:33:41 +00:00
brad
001ae99fd7 upgrade to GnuPG 0.9.7 1999-05-24 20:55:44 +00:00
brad
8b5d32c736 upgrade to GnuPG 0.9.6 1999-05-08 17:38:40 +00:00
brad
4a7daafbb4 add gnupg port; markus.friedl@informatik.uni-erlangen.de
-
GNU privacy guard - a free PGP replacement.
1999-04-23 03:16:05 +00:00