GnuPG signed message spoofing vulnerability
Posted Mar 8, 2007 6:50 UTC (Thu) by dd9jn
Parent article: GnuPG signed message spoofing vulnerability
FWIW, I have often pointed developers to GPGME as an example on how to use gpg in a proper way. Unfortunately I have fallen into the same pit as most other developers when I wrote GPGME. I simply got it wrong. So when applications using GPGME (e.g. KMail, Sylpheed and Mutt) are vulnerable, it is my fault.
to post comments)