AT2k Design BBS Message Area
Casually read the BBS message area using an easy to use interface. Messages are categorized exactly like they are on the BBS. You may post new messages or reply to existing messages!

You are not logged in. Login here for full access privileges.

Previous Message | Next Message | Back to Computer Support/Help/Discussion...  <--  <--- Return to Home Page
   Networked Database  Computer Support/Help/Discussion...   [1448 / 2005] RSS
 From   To   Subject   Date/Time 
Message   LWN.net    All   A critical GnuPG security update   February 1, 2026
 6:40 AM *   

There is a new GnuPG update for a "critical security bug" in recent
GnuPG releases.

A crafted CMS (S/MIME) EnvelopedData message carrying an oversized
	wrapped session key can cause a stack buffer overflow in gpg-agent
	during the PKDECRYPT--kem=CMS handling.  This can easily be used
	for a DoS but, worse, the memory corruption can very likley also be
	used to mount a remote code execution attack.  The bug was
	introduced while changing an internal API to the FIPS required KEM
	API.

Only versions 2.5.13 through 2.5.16 are affected.

https://lwn.net/Articles/1056209/
--- SBBSecho 3.34-Linux
 * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (618:250/24)
  Show ANSI Codes | Hide BBCodes | Show Color Codes | Hide Encoding | Hide HTML Tags | Show Routing
Previous Message | Next Message | Back to Computer Support/Help/Discussion...  <--  <--- Return to Home Page
VADV-PHP
Execution Time: 0.016 seconds

If you experience any problems with this website or need help, contact the webmaster.
VADV-PHP Copyright © 2002-2026 Steve Winn, Aspect Technologies. All Rights Reserved.
Virtual Advanced Copyright © 1995-1997 Roland De Graaf.
 v2.1.250224