Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

GnuPG gpgsm bug

Published: 2010-07-24
Last Updated: 2010-07-24 06:11:43 UTC
by Manuel Humberto Santander Pelaez (Version: 1)
0 comment(s)

gpgsm is a tool similar to gpg designed to provide digital encryption and signing services on X.509 certificates and the CMS protocol. There is a bug with this tool when importing a X509 certificate with more than 98 subject alternate names or implicitly while verifying a signature.

Version 2.0.16 is affected and older versions should be affected as well. More information at

-- Manuel Humberto Santander Peláez | | | msantand at isc dot sans dot org

Keywords: gnupg gpgsm X509
0 comment(s)
Diary Archives