[langsec-discuss] GnuPG LANGSEC bug

Brian M. Waters brian at brianmwaters.net
Wed Jun 25 19:31:39 UTC 2014


I am normally just a lurker here, but I thought the LANGSEC folks would
get a kick out of CVE-2014-4617
(http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4617), which
allows a remote attacker to throw even the venerable GnuPG into an
infinite loop using carefully crafted input.

Cheers,
BW

-- 
Brian M. Waters
Burlington, Vermont, USA
+1 (908) 380-8214
brian at brianmwaters.net
https://brianmwaters.net/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <https://mail.langsec.org/pipermail/langsec-discuss/attachments/20140625/e473fbbb/attachment.pgp>


More information about the langsec-discuss mailing list