1. 23
    Sequoia PGP security sequoia-pgp.org
  1.  

  2. 2

    This probably got dug up on the occasion of Libgcrypt 1.9.0 vulnerability https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000456.html

    There is a heap buffer overflow in libgcrypt due to an incorrect assumption in the block buffer management code. Just decrypting some data can overflow a heap buffer with attacker controlled data, no verification or signature is validated before the vulnerability occurs.

    1. 3

      Maybe https://sequoia-pgp.org/blog/2021/01/26/202101-sq-release/ got it on people’s minds?

    Stories with similar links:

    1. Sequoia PGP via sanxiyn 2 years ago | 12 points | no comments