|
Family: Debian Local Security Checks --> Category: infos
[DSA429] DSA-429-1 gnupg Vulnerability Scan
Vulnerability Scan Summary DSA-429-1 gnupg
Detailed Explanation for this Vulnerability Test
Phong Nguyen identified a severe bug in the way GnuPG creates and uses
ElGamal keys for signing. This is a significant security failure
which can lead to a compromise of almost all ElGamal keys used for
signing.
This update disables the use of this type of key.
For the current stable distribution (woody) this problem has been
fixed in version 1.0.6-4woody1.
For the unstable distribution, this problem has been fixed in version
1.2.4-1.
We recommend that you update your gnupg package.
Solution : http://www.debian.org/security/2004/dsa-429
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|