|
|
|
|
|
|
by KooBaa
171 days ago
|
|
|
The 12 vulnerabilities mentioned in “gpg fail” are somewhat exaggerated. Here you can find a reply from GnuPG:
https://www.openwall.com/lists/oss-security/2025/12/29/9 And btw, it was mentioned in the talk that GnuPG does not sign commits. That’s just wrong. Everything, including the release tarballs, is signed. |
|
|