Red Hat Bugzilla – Bug 42674
gnupg 1.0.6 out, fixing format string exploit
Last modified: 2007-03-26 23:44:49 EDT
Description of Problem:
GPG 1.0.5 and prior versions are vulnerable to format string exploits in
non-batch mode. 1.0.6 fixes this, according to the <A
HREF="http://www.gnupg.org/whatsnew.html#rn20010529">GnuPG web page</A>.
Presumably a more informative announcement from Werner is forthcoming....
Exploits for this have now been posted to bugtraq
An errata packages is being prepped.