--allow-multiple-messages in gpg 1.4.9
Nicholas Cole
nicholas.cole at gmail.com
Thu Aug 7 14:37:26 CEST 2008
On Thu, Aug 7, 2008 at 3:06 AM, Werner Koch <wk at gnupg.org> wrote:
> * By default, do not allow processing multiple plaintexts in a
> single stream. Many programs that called GnuPG were assuming
> that GnuPG did not permit this, and were thus not using the
> plaintext boundary status tags that GnuPG provides. This change
> makes GnuPG reject such messages by default which makes those
> programs safe again. --allow-multiple-messages returns to the
> old behavior. [CVE-2007-1263].
>
> I'll change the documentaion to make this more clear.
The issue I was reporting was that this option doesn't seem to do
anything at all, at least for armoured messages. I haven't done any
further testing. Are you saying that this is a dummy option?
Best,
Nicholas
More information about the Gnupg-users
mailing list