FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

GnuPG -- denial of service

Affected packages
gnupg < 2.2.17

Details

VuXML ID 23f65f58-a261-11e9-b444-002590acae31
Discovery 2019-07-03
Entry 2019-07-09

From the GnuPG 2.2.17 changelog:

gpg: Ignore all key-signatures received from keyservers. This change is required to mitigate a DoS due to keys flooded with faked key-signatures.

References

URL https://dev.gnupg.org/T4606
URL https://dev.gnupg.org/T4607