![]() ![]() ![]() Where a problem is indicated as being fixed in a certain version, assume that it remains fixed in later versions. I indicate candidate when the CVE team is not yet convinced the asserted vulnerability is real. Since I support the goal of Mitre's CVE project - to standardize the identification of computer vulnerabilities - I list the CVE number (if known) for each problem. These are only the problems that I have evaluated because they might impact my own use of PGP. The problems described below do not form a comprehensive list. When Zimmermann does make public pronouncements, he uses PGP to sign them. Actually, I do not believe statements attributed to Zimmermann unless I can see his original message. Never believe that assertion if his name is spelled Zimmerman, with only one n at the end. Sometimes, the report of a flaw in PGP indicates that Philip Zimmermann (the creator of PGP) has verified the report. The lack of any such announcement should cause skepticism. Preliminary, unevaluated reports might also be found at the Mitre Corporation's Common Vulnerabilities and Exposures (CVE) project. ![]() government department) that issue warnings about Internet and computer security. When they are, you should expect to see some kind of announcement by CERT or CISA two agencies (one at a university, the other part of a U.S. Buffer Overflow in Outlook Plug-In for PGPĮvery so often, someone reports a weakness or failure in PGP. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |