Wow...

Cleartext message spoofing in Go Cryptography Libraries (CVE-2019-11841)

When inserting the “LINE TABULATION” character, the header text after the attached character looks as if it were part of a message when it is actually part of the Armor Header. The signature verification performed by the library determined all signatures to be valid

sec-consult.com/en/blog/adviso

quey

Welcome to quey.org! quey is a general and moderated Mastodon instance. Publish anything you want: links, pictures, text, mp3 & video. All on a platform that is community-owned and ad-free.