GPGME library build issue on Solaris
Andrzej Cuper
ACuper@edgewater.com
Tue Jul 30 21:15:02 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I wonder if anybody had any problems building gpgme libraries on Solaris =
2.7 and 2.8 . Particularily it's bombing out on vasprintf and asprintf =
functions during linkage. I believe these functions are not implemented =
on Solaris.
Any comments or workarounds are appreciated,
Andrzej
Here is the error:
Making all in tests
Making all in gpg
source=3D't-encrypt.c' object=3D't-encrypt.o' libtool=3Dno \
depfile=3D'.deps/t-encrypt.Po' tmpdepfile=3D'.deps/t-encrypt.TPo' \
depmode=3Dgcc /bin/bash ../../depcomp \
gcc -DHAVE_CONFIG_H -I. -I. -I../.. -I../../gpgme -g -O2 -Wall =
-Wcast-align -Wshadow -Wstrict-prototypes -c `test -f 't-encrypt.c' || =
echo './'`t-encrypt.c
/bin/bash ../../libtool --mode=3Dlink gcc -g -O2 -Wall -Wcast-align =
-Wshadow -Wstrict-prototypes -o t-encrypt t-encrypt.o =
../../gpgme/libgpgme.la
mkdir .libs
gcc -g -O2 -Wall -Wcast-align -Wshadow -Wstrict-prototypes -o =
.libs/t-encrypt t-encrypt.o ../../gpgme/.libs/libgpgme.so =
-R/home/acuper/tools/lib
Undefined first referenced
symbol in file
asprintf ../../gpgme/.libs/libgpgme.so
vasprintf ../../gpgme/.libs/libgpgme.so
ld: fatal: Symbol referencing errors. No output written to =
.libs/t-encrypt
collect2: ld returned 1 exit status
*** Error code 1
make: Fatal error: Command failed for target `t-encrypt'
Current working directory /home/acuper/tmp/gpgme-0.3.8/tests/gpg
*** Error code 1
make: Fatal error: Command failed for target `all-recursive'
Current working directory /home/acuper/tmp/gpgme-0.3.8/tests
- -----Original Message-----
From: gnupg-users-request@gnupg.org
[mailto:gnupg-users-request@gnupg.org]
Sent: Tuesday, July 30, 2002 2:27 PM
To: gnupg-users@gnupg.org
Subject: Gnupg-users digest, Vol 1 #790 - 16 msgs
Send Gnupg-users mailing list submissions to
gnupg-users@gnupg.org
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.gnupg.org/mailman/listinfo/gnupg-users
or, via email, send a message with subject or body 'help' to
gnupg-users-request@gnupg.org
You can reach the person managing the list at
gnupg-users-admin@gnupg.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Gnupg-users digest..."
Today's Topics:
1. Re: Signing Keys w/ Multiple User IDs (Adrian 'Dagurashibanipal' =
von Bidder)
2. Re: Signing with more than one secret key available (Adrian =
'Dagurashibanipal' von Bidder)
3. Re: Signing with more than one secret key available =
(JanuszA.Urbanowicz)
4. Re: Exact timestamps may be bad (disastry@saiknes.lv)
5. Subkeys (Kevin A. Pieckiel)
6. How can I access a different users keyrings? (Kendall Carpenter)
7. Re: Subkeys (Adrian 'Dagurashibanipal' von Bidder)
8. Re: How can I access a different users keyrings? (Anthony E. =
Greene)
9. --with-colons works not as advertised / pgpring works not as gpg =
... --with-colons (Gregor Zattler)
10. Re: cannot send public key =
(=3D?ISO-8859-15?Q?R=3DFCdiger_Kupper?=3D)
11. Re: Signing Keys w/ Multiple User IDs (David Shaw)
12. MacGPG 1.0.7 - Two pubrings? (Charly Avital)
13. configure/make issues on HPUX (Michael Kaipust)
14. MacGPG 1.0.7 - Two pubrings? (Charly Avital)
15. (no subject) (Gerald Waugh)
16. GnuPG and OpenSSL (was Re: (no subject)) (David Shaw)
- --__--__--
Message: 1
Subject: Re: Signing Keys w/ Multiple User IDs
From: Adrian 'Dagurashibanipal' von Bidder <avbidder@fortytwo.ch>
To: gnupg-users@gnupg.org
Date: 30 Jul 2002 10:41:29 +0200
- --=3D-6cRw8t7zwZU6FdE7o2dc
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
On Tue, 2002-07-30 at 04:24, David Shaw wrote:
[which uid to sign?]
> In the specific case you mention (a key used to verify a software
> package), it does not matter. This is because in this case, the key
> is located by its key ID and not a particular user ID. Signing one or
> all of the user IDs will have the same function of trusting the key.
Summarized (please correct me if I'm wrong):
If you're encrypting, key lookup is per userid, so it matters which uid
you signed.
If you're verifying signatures, key lookup is per keyid, because the
signature does not store any 'signer' userid.
I've had a lengthy discussion about what a userid - and a signature on a
userid - exactly means (especially because userid is really limited to
e-mail [1]) and would be interested to know if the trust model will get
some reworking in the future (g10 Code lists reworking the trust model
on their TODO list...)
cheers
- -- vbi
- --=3D20
secure email with gpg http://fortytwo.ch/gpg
- --=3D-6cRw8t7zwZU6FdE7o2dc
Content-Type: application/pgp-signature; name=3Dsignature.asc
Content-Description: This is a digitally signed message part
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQA9RlE5wj49sl5Lcx8RArbFAJ9JjQRj6H1NBo1pgut7PTDXePeXtACdHXCa
dPLwVS7NqhbBVj/GSlaza4M=3D
=3DKnUU
- -----END PGP SIGNATURE-----
- --=3D-6cRw8t7zwZU6FdE7o2dc--
- --__--__--
Message: 2
Subject: Re: Signing with more than one secret key available
From: Adrian 'Dagurashibanipal' von Bidder <avbidder@fortytwo.ch>
To: GnuPG-users <gnupg-users@gnupg.org>
Date: 30 Jul 2002 10:51:11 +0200
- --=3D-fQ0jEue89U6DrDypyp+X
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
On Mon, 2002-07-29 at 20:58, Todd wrote:
> > is it simply silly to use different keypairs?
>=3D20
> That's your call. It's definitely more work to keep things straight, =
so =3D
I'd
> only do this if I had some very good reason to do so. It's probably =
best=3D
to
> only use different keypairs for different _groups_ of recipients, =
instead=3D
of
> for each _individual_ recipient. You might have a work key and a =
persona=3D
l
> key, for instance.
My take on this:
The idea of public key cryptography is that you can have only one key
because of the assymmetry of the algorithms. So, basically I would
recommend to have only one key when it's possible.=3D20
There are, however, a few reason why somebody has more than one key:
technicalities: many people have an old (pgp2) RSA key and a newer key,
because the didn't like RSA and because the pgp2 key format (v3) did not
have many of the options available with the new format.
security: My case... I have a key at work, where the secret key is
stored on my machine and is theoretically open to attack by my
co-workers and intruders here (Our firewall is quite tight, so don't
even try.) The other key is at home and will never leave - so you'd have
to physically break into my place to get it.
roles: Some people have other keys besides their personal key, like an
official company key or something like that. Quite obvious why it can't
be just uids, think.
Of course, there's nothing preventing you from having many keys. But the
idea of the web of trust encourages using only few keys.
cheers
- -- vbi
- --=3D20
secure email with gpg http://fortytwo.ch/gpg
- --=3D-fQ0jEue89U6DrDypyp+X
Content-Type: application/pgp-signature; name=3Dsignature.asc
Content-Description: This is a digitally signed message part
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQA9RlN/wj49sl5Lcx8RAmCeAJ92Hi73nffsE7V4/1Ev5P0vQk5JHACfWvUt
BXZKilhni/pwQScVW4ELMlc=3D
=3DHsRq
- -----END PGP SIGNATURE-----
- --=3D-fQ0jEue89U6DrDypyp+X--
- --__--__--
Message: 3
Subject: Re: Signing with more than one secret key available
To: andy_man@popmail.com
Date: Mon, 29 Jul 2002 15:31:56 +0200 (CEST)
CC: gnupg-users@gnupg.org
From: Janusz A. Urbanowicz <alex@bofh.torun.pl>
andy_man@popmail.com wrote/napisa=3DB3[a]/schrieb:
> Or is it simply silly to use different keypairs?
Yes.
Alex
- --=3D20
C _-=3D3D-_ H Janusz A. Urbanowicz, stomil at jabber.org, PGP 0x21939169 =
*=3D
=3D09
; (_O : ----------------------------------------------------------- =
--+~|=3D
=3D09
! &~) ? P=3DB3yn=3DB1=3DE6 chc=3DEA na Wsch=3DF3d, za Suez, gdzie jest =
dobrem ka=3DBF=3D
de z=3DB3o l_|/=3D09
A ~-=3D3D-~ O Gdzie przykaza=3DF1 brak dziesi=3DEAciu, a pi=3DE6 =
mo=3DBFna a=3DBF po dn=3D
o; | =3D20
- --__--__--
Message: 4
Date: Mon, 29 Jul 2002 19:56:19 +0200
From: disastry@saiknes.lv
To: gnupg-users <gnupg-users@gnupg.org>
CC: dshaw@jabberwocky.com
Subject: Re: Exact timestamps may be bad
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
David Shaw wrote:
[...]
> If zero is used for the timestamp (i.e. 1/1/1970),
> then there is no way to even get a guess about the real setting of the
> clock.
>=20
> GnuPG will refuse to validate such a signature ("public key is
> 1027635505 seconds newer than the signature"), unless the
> --ignore-time-conflict option is used to override this check. PGP
> seems to not mind either way, and will dutifully report that the
> signature was "made" on 1/1/1970.
so set timestamp to the same time (or 1 second above) as public key =
generation (signing?) time.
then gpg shoul validate it.
__
Disastry http://disastry.dhs.org/
http://disastry.dhs.org/pgp <----PGP plugins for Netscape and MDaemon
^----PGP 2.6.3ia-multi06 (supports IDEA, CAST5, BLOWFISH, TWOFISH,
AES, 3DES ciphers and MD5, SHA1, RIPEMD160, SHA2 hashes)
- -----BEGIN PGP SIGNATURE-----
Version: Netscape PGP half-Plugin 0.15 by Disastry / PGPsdk v1.7.1
iQA/AwUBPUVlnTBaTVEuJQxkEQOwlwCbBJN6MNe4zHve+fPCkFcAGsg2V6IAnjGY
bhAuG5WHvph2kpBGBdzpiozt
=3Dy0K/
- -----END PGP SIGNATURE-----
- --__--__--
Message: 5
Date: Mon, 29 Jul 2002 15:11:47 -0400
From: "Kevin A. Pieckiel" <kpieckiel@smartrafficenter.org>
To: gnupg-users@gnupg.org
Subject: Subkeys
Greetings, users:
I'm trying to better understand this concept of subkeys. I think I'm =
just
dense, because I can't glean the info for which I'm searching from the =
man
pages, handbook, etc.
I understand that one main key is used to signatures. This key usually
doesn't expire. There is another key--a subkey--used for encryption. =
It
is not uncommon for this key to have an expiration date. This subkey =
can
be replaced to ensure better security should an old encryption key be
compromised.
What I don't understand is why my encryption subkey doesn't show up on =
the
public keyservers. If I create a new encryption subkey on my keyring =
and
try to --send-keys to the keyservers, I get a response that there were =
no
new keys, UIDs, or signatures in the keyblock sent my GnuPG. To me, =
this
implies that there IS no public part of my encryption subkey, and this =
makes
no sense to me.
Could someone please help explain this better, or point me to resources =
with
clearer or more complete explanations?
Thanks,
Kevin
"I vilify you because you vilify yourselves.
I am your enemy because you are the enemies
of the gods and you do not know it."
- --Kahlil Gibran, My Countrymen
- --__--__--
Message: 6
From: Kendall Carpenter <kmc@promtech.com>
Reply-To: kmc@promtech.com
Organization: Promethean Technologies
To: gnupg-users@gnupg.org
Subject: How can I access a different users keyrings?
Date: Mon, 29 Jul 2002 16:24:58 -0400
Hi,
I am using GnuPG 1.07 for Linux. I am using shell commands and I need to =
=3D
be=3D20
able to access another users keyrings for encrypting and decrypting =
files=3D
=3D2E=3D20
I know there are many reasons this may be specifically protected =
against.=3D
=3D20
However I need to know if this is possible and if so how to accomplish =
vi=3D
a=3D20
shell commands. =3D20
Thanks for your help,
Kendall
- --__--__--
Message: 7
Subject: Re: Subkeys
From: Adrian 'Dagurashibanipal' von Bidder <avbidder@fortytwo.ch>
To: gnupg-users@gnupg.org
Date: 30 Jul 2002 11:39:13 +0200
- --=3D-TZj808UOkQ1AqkGBZfDL
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable
On Mon, 2002-07-29 at 21:11, Kevin A. Pieckiel wrote:
[subkeys and keyservers]
Most curently deployed keyservers have severe bugs when you try to use
newer key features - especially multiple subkeys - with them.
Unfortunately it is quite probable that the keyserver will corrupt your
key when you upload it (not your local copy, but the one other people
will want to download).
cheers
- -- vbi
- --=3D20
secure email with gpg http://fortytwo.ch/gpg
- --=3D-TZj808UOkQ1AqkGBZfDL
Content-Type: application/pgp-signature; name=3Dsignature.asc
Content-Description: This is a digitally signed message part
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQA9Rl7Bwj49sl5Lcx8RAn7eAJ0XRpELBq/Yjz+fV5gOmKwSlJxIDwCfSghA
eEICr2B20bGZ2qy2bvfTJXs=3D
=3DDDax
- -----END PGP SIGNATURE-----
- --=3D-TZj808UOkQ1AqkGBZfDL--
- --__--__--
Message: 8
Date: Tue, 30 Jul 2002 07:56:30 -0400
From: "Anthony E. Greene" <agreene@pobox.com>
To: gnupg-users@gnupg.org
Subject: Re: How can I access a different users keyrings?
Organization: Americal Division Veterans Association =
<http://www.americal.org/>
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 29-Jul-2002/16:24 -0400, Kendall Carpenter <kmc@promtech.com> wrote:
>I am using GnuPG 1.07 for Linux. I am using shell commands and I need =
to be=20
>able to access another users keyrings for encrypting and decrypting =
files.=20
The owner, or the system administrator, would have to change file and
directory permissions to allow you to access that keyring. Or they could
give you a copy to use.
Tony
- - --=20
Anthony E. Greene =
<mailto:Anthony%20E.%20Greene%20%3Cagreene@pobox.com%3E>
OpenPGP Key: 0x6C94239D/7B3D BD7D 7D91 1B44 BA26 C484 A42A 60DD 6C94 =
239D
AOL/Yahoo Messenger: TonyG05 HomePage: =
<http://www.pobox.com/~agreene/>
Linux. The choice of a GNU generation <http://www.linux.org/>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Anthony E. Greene <mailto:agreene@pobox.com> 0x6C94239D
iD8DBQE9Rn7spCpg3WyUI50RAqpmAKC+71SWjm/BWqTjmEEui7oLBcT8rgCfbsJR
bBrH5UQ8u6A74YP8tMYNeWg=3D
=3DaWH1
- -----END PGP SIGNATURE-----
- --__--__--
Message: 9
Date: Tue, 30 Jul 2002 12:31:05 +0200
From: Gregor Zattler <texmex@uni.de>
To: gnupg-users <gnupg-users@gnupg.org>
Subject: --with-colons works not as advertised / pgpring works not as =
gpg ... --with-colons
[first try was a crossposting but with wrong address]
Hi mutt developers and gnupg artists,
I tried to figure out why mutt behaves different in pub key
selection if using pgp2 or gpg (via pgp2.rc/gpg.rc).
gpg --list-keys --with-colons should show a "q" in the second
field (according to file "DETAILS.gz") if the computed trust is
undefined.
Mutts utility pgpring is showing this, but gpg v 1.07 shows a
dash "-":
0 pit:~$ gpg --list-keys --with-colon --notwendig-default-keyring =
--notwendig-options --keyring ~/.pgp/pubring.pgp roessler@guug.de
pub:-:2048:1:D2262944CE6AC6C1:1997-12-23:::-:Thomas Roessler =
<roessler@guug.de>::escESC:
pub:-:1280:1:3E2500EF593238E1:1996-01-19:::-:Thomas Roessler =
<roessler@guug.de>::escESC:
uid:-::::::::Thomas Roessler <Thomas.Roessler@Sobolev.Rhein.DE>:
0 pit:~$ pgpring -2 -k ~/.pgp/pubring.pgp roessler@guug.de
pub:q:2048:1:D2262944CE6AC6C1:1997-12-23::::Thomas Roessler =
<roessler@guug.de>:
pub:q:1280:1:3E2500EF593238E1:1996-01-19::::Thomas Roessler =
<roessler@guug.de>:
uid:q::::::::Thomas Roessler <Thomas.Roessler@Sobolev.Rhein.DE>:
0 pit:~$
Don't know until now if my problems have to do with this, but I
thought one of both should change.
HTH.
Ciao, Gregor
- --=20
"The future is here. It's just not widely distributed yet."
- -- William Gibson
- --__--__--
Message: 10
Date: Tue, 30 Jul 2002 14:45:55 +0200
From: =3D?ISO-8859-15?Q?R=3DFCdiger_Kupper?=3D
<Ruediger.Kupper@Physik.Uni-Marburg.De>
Organization: University of Marburg, Neurophysics Group
To: xantor@xantor.tk
CC: gnupg-users <gnupg-users@gnupg.org>
Subject: Re: cannot send public key
In case your public key does contain a=20
photographic ID: I just learned that the=20
HKP-Servers do not accept such keys. Use an LDAP=20
server, such as ldap://pgp.surfnet.nl:11370.
Regards,
- --=20
Ruediger.
After your lover has gone you will still have
PEANUT BUTTER!
Use my PGP key (0xC2303358).
- --__--__--
Message: 11
Date: Tue, 30 Jul 2002 09:07:35 -0400
From: David Shaw <dshaw@jabberwocky.com>
To: gnupg-users@gnupg.org
Subject: Re: Signing Keys w/ Multiple User IDs
On Tue, Jul 30, 2002 at 10:41:29AM +0200, Adrian 'Dagurashibanipal' von =
Bidder wrote:
> On Tue, 2002-07-30 at 04:24, David Shaw wrote:
>=20
> [which uid to sign?]
>=20
> > In the specific case you mention (a key used to verify a software
> > package), it does not matter. This is because in this case, the key
> > is located by its key ID and not a particular user ID. Signing one =
or
> > all of the user IDs will have the same function of trusting the key.
>=20
> Summarized (please correct me if I'm wrong):
>=20
> If you're encrypting, key lookup is per userid, so it matters which =
uid
> you signed.
> If you're verifying signatures, key lookup is per keyid, because the
> signature does not store any 'signer' userid.
Correct. There is actually a way in the OpenPGP spec of indicating
which user ID within a key did the signing, but this is generally not
used.
> I've had a lengthy discussion about what a userid - and a signature on =
a
> userid - exactly means (especially because userid is really limited to
> e-mail [1]) and would be interested to know if the trust model will =
get
> some reworking in the future (g10 Code lists reworking the trust model
> on their TODO list...)
A user ID is just a blob of bytes that indicates something about the
owner of the key. This blob can be a text string, a photo, or
whatever you like. A signature on a user ID means, in effect, "I
believe this user ID matches a human being that controls this key".
I'm not sure if this is what Werner was referring to in the TODO list,
but there is also the notion of a "trust signature", which is somewhat
different from the above trust model, and is based on "Modelling a
Public-Key Infrastructure" by Ueli Maurer
(ftp://ftp.inf.ethz.ch/pub/crypto/publications/Maurer96b.pdf). I
actually have a GnuPG implementation of this working, but it is too
experimental for the 1.2 release. Trust signatures are interesting as
they let you make statements like "I trust Alice completely, but only
when she is signing keys in the example.com domain". This sort of
thing is useful in the corporate world, where the Big Boss can
delegate key signing responsiblity to others with this method.
David
- --=20
David Shaw | dshaw@jabberwocky.com | WWW =
http://www.jabberwocky.com/
+------------------------------------------------------------------------=
---+
"There are two major products that come out of Berkeley: LSD and =
UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson
- --__--__--
Message: 12
Date: Tue, 30 Jul 2002 17:10:49 +0300
To: gnupg-users@gnupg.org
From: Charly Avital <shavital@netbox.com>
Subject: MacGPG 1.0.7 - Two pubrings?
Hi,
Running MacGPG 1.0.7, under MacOS X 10.1.5, I have
1. pubring.gpg an encrypted file
2. pubring.gpg- (with an extra -) a document.
Both files have the same volume, the same 'Date Modified', and the same
permissions:
Owner Group Everyone
shavital staff
rw =20
Question: Why two pubring.gpg files?
If I have to get rid of one of them, which one?
Thanks for your attention.
Charly
- --__--__--
Message: 13
Date: Tue, 30 Jul 2002 12:22:28 -0500
From: Michael Kaipust <mkaipus@qwest.com>
Organization: U S WEST Information Technologies, Inc.
To: "gnupg-users@gnupg.org" <gnupg-users@gnupg.org>
Subject: configure/make issues on HPUX=20
Is anyone familiar with HPUX specific tweaking for 'configure' or
'Makefile' files?
Configure is yielding numerous error messages (sample follows). Are the
errors acceptable?
configure:2203: checking whether we are using the GNU C compiler
configure:2224: cc -c conftest.c >&5
cc: "configure", line 2215: error 1000: Unexpected symbol: "me".
cc: "configure", line 2215: error 1588: "choke" undefined.
configure:2227: $? =3D 1
configure: failed program was:
#line 2209 "configure"
#include "confdefs.h"
int
main ()
{
#ifndef __GNUC__
choke me
#endif
;
return 0;
}
configure:2245: result: no
configure:2251: checking whether cc accepts -g
configure:2269: cc -c -g conftest.c >&5
configure:2272: $? =3D 0
configure:2275: test -s conftest.o
configure:2278: $? =3D 0
configure:2288: result: yes
'Make' command gets following fatal error:
No suffix list.
make all-recursive
No suffix list.
Making all in intl
Making all in zlib
Making all in util
Making all in mpi
Making all in cipher
make all-am
Making all in tools
Making all in g10
Making all in keyserver
Making all in po
Making all in doc
Make: line 180: syntax error. Stop.
*** Error exit code 1
Stop.
*** Error exit code 1
Stop.
- --__--__--
Message: 14
Date: Tue, 30 Jul 2002 20:34:06 +0300
To: gnupg-users@gnupg.org
From: Charly Avital <shavital@netbox.com>
Subject: MacGPG 1.0.7 - Two pubrings?
Hi,
>Charly Avital wrote:
>Running MacGPG 1.0.7, under MacOS X 10.1.5, I have
>1. pubring.gpg an encrypted file
>2. pubring.gpg- (with an extra -) a document.
[...]
Apologies and disregard question.=20
The second pubring is pubring.gpg~ ,with appended tilde, not hyphen.=20
It's probably a backup.
Sorry.
Charly
- --__--__--
Message: 15
Date: Tue, 30 Jul 2002 14:20:05 -0400 (EDT)
From: Gerald Waugh <gwaugh@frontstreetnetworks.com>
To: gnupg-users@gnupg.org
Subject: (no subject)
Does the openssl vulnerabilities announced this am
affect gnupg?
- --
Gerald Waugh <gwaugh@frontstreetnetworks.com>
http://frontstreetnetworks.com | Website Hosts & SOHO Networks
229 Front Street, Ste.#C, New Haven, CT. 06513 United States
voice +1 203-785-0699 | fax +1 203-785-1787
- --__--__--
Message: 16
Date: Tue, 30 Jul 2002 14:28:19 -0400
From: David Shaw <dshaw@jabberwocky.com>
To: gnupg-users@gnupg.org
Subject: GnuPG and OpenSSL (was Re: (no subject))
On Tue, Jul 30, 2002 at 02:20:05PM -0400, Gerald Waugh wrote:
>=20
> Does the openssl vulnerabilities announced this am
> affect gnupg?
No. GnuPG does not use OpenSSL.
David
- --=20
David Shaw | dshaw@jabberwocky.com | WWW =
http://www.jabberwocky.com/
+------------------------------------------------------------------------=
---+
"There are two major products that come out of Berkeley: LSD and =
UNIX.
We don't believe this to be a coincidence." - Jeremy S. Anderson
- --__--__--
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
End of Gnupg-users Digest
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (MingW32)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAj1G5RwACgkQBbTyHSd8yPz9xACgmMF1qiyyd5zT7Z5rsSv74NRt
LvgAmQEv6bKz0gFmKD9auoh30LFXBegP
=3DPnnS
-----END PGP SIGNATURE-----