Red Hat Bugzilla – Bug 184557
CVE-2006-0049 Gnupg incorrect malformed message verification
Last modified: 2007-11-30 17:11:26 EST
Gnupg incorrect malformed message verification
Tavis Ormandy discovered that it is still possible to trick gnupg into
incorrectly verifying a signed message.
The patch is here:
From User-Agent: XML-RPC
gnupg-22.214.171.124-1 has been pushed for FC4, which should resolve this issue. If these problems are still present in this version, then please make note of it in this bug report.
Hmm, don't know why this didn't get closed.