Summary: | app-crypt/gnupg: denial of service issue (resource consumption) using compressed packets | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Hank Leininger <hlein> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | UNCONFIRMED --- | ||
Severity: | normal | CC: | base-system, zlogene |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://marc.info/?l=oss-security&m=165696590211434&w=4 | ||
Whiteboard: | A3 [upstream] | ||
Package list: | Runtime testing required: | --- |
Description
Hank Leininger
2022-07-27 11:37:18 UTC
According to werner on the issue (https://dev.gnupg.org/T5993), "This specificiation is a draft which has not even been discussed in the WG. In any case gpg won't implement this because it would break processing of existing data." |