[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA 411-1] New mpg321 packages fix format string vulnerability - PGP key?

Incoming from Matt Zimmerman:
> Debian Security Advisory DSA 411-1                     security@debian.org
> http://www.debian.org/security/                             Matt Zimmerman
> January 5th, 2004                       http://www.debian.org/security/faq
> 
> Package        : mpg321
> Vulnerability  : format string
> Problem-Type   : remote
> Debian-specific: no
> CVE Ids        : CAN-2003-0969

Were any of you able to verify the PGP signatures on the latest
debian-security-announce messages?  I can't:

  [-- PGP output follows (current time: Mon 05 Jan 2004 10:30:43 PM MST) --]
  gpg: Signature made Mon 05 Jan 2004 07:51:35 PM MST using DSA key ID 43E25D1E
  gpg: Can't check signature: public key not found
  [-- End of PGP output --]

I'm using mutt, and ESC-P usually works checking traditional PGP
signatures, but not with these three (bind, libnids, mpg321).


-- 
Any technology distinguishable from magic is insufficiently advanced.
(*)               http://www.spots.ab.ca/~keeling 
- -
Reply to: