Page MenuHome GnuPG

Exploitable overflow in Libgcrypt 1.9.0
Closed, ResolvedPublic


There is a severe bug in Libgcrypt 1.9.0 released last week (T4294).
Do not use 1.9.0 but wait for 1.9.1 (T5259).

The bug was introduced with commit rCe76617cbab in March 2019 but no version except for 1.9.0 has ever been released with it. The fix included in 1.9.1 is commit rC512c0c7527

Event Timeline

werner changed the task status from Open to Testing.Jan 29 2021, 11:27 AM

Fix has been released. Keeping this in testing state for easier visibility of this task.

werner changed External Link from to
werner claimed this task.