Fw: [UNIX] GnuPG Format String Vulnerability in ttyio.c's
do_get()
Werner Koch
wk@gnupg.org
Mon Dec 17 15:58:02 2001
On Mon, 17 Dec 2001 09:12:05 -0500, vedaal said:
> received the alert below from securiteam,
> is it 'real'?
securiteam seems to be a bit slow reporting bugs; from gnupg's NEWS:
Noteworthy changes in version 1.0.6 (2001-05-29)
------------------------------------------------
* Security fix for a format string bug in the tty code.
Actually this was the reason to release 1.0.6 and it was done at the
same time the bug was published.
Werner
--
Werner Koch Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions -- Augustinus