Описание
gpgv in GnuPG before 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to assume that the signature verification has succeeded. Note: this also occurs when running the equivalent command "gpg --verify".
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.4.2.2-1ubuntu2.5 |
| devel | released | 1.4.6-1ubuntu2 |
| edgy | released | 1.4.3-2ubuntu3.3 |
| feisty | released | 1.4.6-1ubuntu2 |
| upstream | needs-triage |
Показывать по
4.6 Medium
CVSS2
Связанные уязвимости
gpgv in GnuPG before 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to assume that the signature verification has succeeded. Note: this also occurs when running the equivalent command "gpg --verify".
gpgv in GnuPG before 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to assume that the signature verification has succeeded. Note: this also occurs when running the equivalent command "gpg --verify".
gpgv in GnuPG before 1.4.2.1, when using unattended signature verifica ...
gpgv in GnuPG before 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to assume that the signature verification has succeeded. Note: this also occurs when running the equivalent command "gpg --verify".
Уязвимости операционной системы openSUSE, позволяющие злоумышленнику нарушить целостность защищаемой информации
4.6 Medium
CVSS2