--allow-multiple-messages in gpg 1.4.9
Werner Koch
wk at gnupg.org
Thu Aug 7 09:06:01 CEST 2008
On Wed, 6 Aug 2008 19:05, nicholas.cole at gmail.com said:
> The option appears to be ignored whether or not I read from the file
> or provide the blocks on stdin and whether or not I use the explicit
> --decrypt option.
Frankly, that option is only for backward compatibility when we removed
that features. It is quite possible that there are other problems in
using it. From the NEWS:
* By default, do not allow processing multiple plaintexts in a
single stream. Many programs that called GnuPG were assuming
that GnuPG did not permit this, and were thus not using the
plaintext boundary status tags that GnuPG provides. This change
makes GnuPG reject such messages by default which makes those
programs safe again. --allow-multiple-messages returns to the
old behavior. [CVE-2007-1263].
I'll change the documentaion to make this more clear.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.
More information about the Gnupg-users
mailing list