Solar Designer <[email protected]> writes: > On Sat, Dec 27, 2025 at 07:29:53PM -0500, Demi Marie Obenour wrote: >> https://gpg.fail lists many vulnerabilities in GnuPG, one of which >> allows remote code execution. All are zero-days to the best of >> my knowledge. > > Thanks. I wish this were brought in here by the researchers, but since > it was not and since we require actual content here (not just links),
Indeed. I'll note that several of the vulnerability pages (say https://gpg.fail/sha1) have: > Upcoming Timeline: > [...] > 21.12.2025: Disclosure of this report on https://seclists.org/fulldisclosure/ But I've not been able to find such a report there either.
signature.asc
Description: PGP signature
