[Announce] [CVE-2022-3515] GnuPG / Libksba Security Advisory
Werner Koch
wk at gnupg.org
Tue Oct 18 09:55:12 CEST 2022
On Tue, 18 Oct 2022 08:59, Alessandro Vesely said:
> Debian fix kept the old version number 1.5.0-3, though:
FWIW: Debian thus misses
* Allow an OCSP server not to return the sent nonce. [rK24992a4a7a]
* Limited support for the Authenticated-Enveloped-Data content type.
[rK81fdcd680c12]
* Support password based decryption. [rKcb7f2484a09c]
* Support Brainpool curves specified by ECDomainParameters.
All of them fixes practical problems found in the real world.
Salam-Shalom,
Werner
--
The pioneers of a warless world are the youth that
refuse military service. - A. Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20221018/a2a06eea/attachment.sig>
More information about the Gnupg-users
mailing list