subject:"Bug#402592\: gnupg\: allocates arbitary amounts of memory on verifying a signature"

Bug#402592: gnupg: allocates arbitary amounts of memory on verifying a "signature"

2006-12-24 Thread Moritz Muehlenhoff

tags 402592 -security thanks On Mon, Dec 11, 2006 at 04:12:37PM +0100, Helmut Grohne wrote: > Package: gnupg > Version: 1.4.6-1 > Severity: important > Tags: security > Justification: remote dos > > I somehow found this signature (which seems to be too large to append to > a mail): > http://subdi

Bug#402592: gnupg: allocates arbitary amounts of memory on verifying a "signature"

2006-12-11 Thread Helmut Grohne

Package: gnupg Version: 1.4.6-1 Severity: important Tags: security Justification: remote dos I somehow found this signature (which seems to be too large to append to a mail): http://subdivi.de/~helmut/gpg-outofmemory.sig Running gpg --verify gpg-outofmemory.sig will cause gpg try to allocate over