Security News
Bug hunter Tavis Ormandy of Google's Project Zero just discovered a dangerous bug in the GNU Privacy Guard team's libgcrypt encryption software. The libgcrypt library is an open-source toolkit that anyone can use, but it's probably best known as the encryption library used by the GNU Privacy Guard team's own widely deployed GnuPG software.
Libgcrypt 1.9.0, the newest version of a cryptographic library integrated in the GNU Privacy Guard free encryption software, has a "Severe" security vulnerability and should not be used, warned Werner Koch. Libgcrypt is a general purpose cryptographic library used by GnuPG, but some other encryption software also employ it.
Brinkmann files third signature spoof vulnerability in a month Security researcher Marcus Brinkmann has turned up another vulnerability in the GnuPG cryptographic library, this time specific to...
A vulnerability affecting GnuPG has made some of the widely used email encryption software vulnerable to digital signature spoofing for many years. The list of affected programs includes Enigmail...
A security researcher has discovered a critical vulnerability in some of the world's most popular and widely used email encryption clients that use OpenPGP standard and rely on GnuPG for...
GnuPG recently addressed an input sanitization vulnerability where a remote attacker could spoof arbitrary signatures. read more
Missing input sanitisation fixed after hacker spat If you're a developer relying on GnuPG, check upstream for an update that plugs an input sanitisation bug.…
Security boffins have discovered a critical vulnerability in a GnuPG cryptographic library that allowed the researchers to completely break RSA-1024 and successfully extract the secret RSA key to...
Werner Koch and his team of GnuPG developers are asking for funding for the continued development of the popular free email and data encryption software. What is GnuPG, and why you should care...