Hi Werner, Thanks for the clarification.
You mentioned whoever created it should invalidate. Since you're the maintainer, it makes the most sense for you to dispute it directly (https://cveform.mitre.org). Your dispute would carry the most weight. Shalom-Salam, Shani On Thu, 15 Jan 2026 at 18:07, Werner Koch <[email protected]> wrote: > On Thu, 15 Jan 2026 17:09, Shani Yosef said: > > > The code inserts '\f' when lines are truncated, but I didn't > > find where '\f' is detected during verification to trigger the "bad > > signature > > Well, if the truncated stuff is part of the signed text the \f chnages > the signed text and thus you will get a bad signature. If it was not > part of the signed text you would anyway not see it in the file created > with --output. > > > Shalom-Salam, > > Werner > > > -- > The pioneers of a warless world are the youth that > refuse military service. - A. Einstein >
_______________________________________________ Gnupg-devel mailing list [email protected] https://lists.gnupg.org/mailman/listinfo/gnupg-devel
