Koch Burns GPG Signature Version Vulnerability

This weekend GPG developer and habitual liar Werner Koch announced a vulnerability that consumes unsanitized input allowing control characters to be called when file names are displayed (archived). The announcement and offered mitigations in conjunction with Koch's history suggest an intentional vulnerability in the software being "burned".

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>