Debian Security Update DSA-5174 gnupg2 - security update

Thread starter LinuxBot
Start date Jul 4, 2022

LinuxBot

Member

Jul 4, 2022

#1

Demi Marie Obenour discovered a flaw in GnuPG, allowing for signature spoofing via arbitrary injection into the status line. An attacker who controls the secret part of any signing-capable key or subkey in the victim's keyring, can take advantage of this flaw to provide a correctly-formed signature that some software, including gpgme, will accept to have validity and signer fingerprint chosen from the attacker.

Continue reading...

You must log in or register to reply here.

Similar threads

Debian Security Update DSA-6293-1 krb5 - security update

Replies: 0

Views: 79

May 23, 2026

LinuxBot

Debian Security Update DSA-6204-1 openssh - security update

Replies: 0

Views: 261

Apr 10, 2026

LinuxBot

Debian Security Update DSA-6279-1 redis - security update

Replies: 0

Views: 118

May 19, 2026

LinuxBot

Debian Security Update DSA-6069-1 openvpn - security update

Replies: 0

Views: 231

Dec 4, 2025

LinuxBot

Debian Security Update DSA-6106-1 inetutils - security update

Replies: 0

Views: 329

Jan 22, 2026

LinuxBot

Share:

Facebook X Bluesky LinkedIn Reddit Pinterest Tumblr WhatsApp Email Link

Follow Linux.org

Linux.org YouTube Channel

Staff online

Brickwizard
Super Moderator

Members online

Total: 1,464 (members: 6, guests: 1,458)

Latest posts

T
“Atomic Arch”: Nearly 900 AUR Packages Backdoored with a Developer-Targeting Infostealer and eBPF Rootkit
- Latest: theLegionWithin
- 8 minutes ago
Linux Security
What a Nightmare.
- Latest: osprey
- 33 minutes ago
General Linux Topics
Removing Thunderbird?
- Latest: osprey
- Today at 6:45 AM
Ubuntu forum
L
VPN Linux Mint
- Latest: lemonyx
- Today at 6:19 AM
Linux Networking
Run this script in the current bash terminal shell window, but have it open shred in another bash terminal shell window?
- Latest: Alexzee
- Today at 4:40 AM
General Linux Topics

Top