CVE-2007-1269 (retired)

Priority
Description
GNUMail 1.1.2 and earlier does not properly use the --status-fd argument
when invoking GnuPG, which prevents GNUMail from visually distinguishing
between signed and unsigned portions of OpenPGP messages with multiple
components, which allows remote attackers to forge the contents of a
message without detection.
Notes
 fujitsu> Not important, as GnuPG was fixed in CVE-2007-1263.
Package
Upstream:needs-triage
More Information

Updated: 2019-03-26 11:39:35 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)