Mailinglist Archive: opensuse-security (109 mails)

< Previous Next >
Re: [suse-security] SUSE Security Announcement: gpg,liby2util signature checking problems (SUSE-SA:2006:013)
  • From: Marcus Meissner <meissner@xxxxxxx>
  • Date: Mon, 6 Mar 2006 18:52:46 +0100
  • Message-id: <20060306175246.GA2817@xxxxxxx>
On Mon, Mar 06, 2006 at 05:59:51PM +0100, Malte Gell wrote:
> On Wednesday 01 March 2006 10:24, Marcus Meissner wrote:
>
> Hello,
>
> > Package: gpg,liby2util
> > Announcement ID: SUSE-SA:2006:013
> > Date: Wed, 01 Mar 2006 11:00:00 +0000
> > Affected Products: SUSE LINUX 10.0
>
> the longer I think about this, the more this bug frightens me... For so
> many years up to now it was possible to foist malicious code with
> faulty gpg signatures... Has there ever been evidene that someone made
> use of this terribly severe bug?

We have no indication of this.

Ciao, Marcus

< Previous Next >