Closed keisentraut closed 8 years ago
Version 0.30 has been released: http://www.mew.org/~kazu/proj/pgpdump/en/
I wrote cve-assign@mitre.org about this, they assigned CVE-2016-4021 for this vulnerability. Please see CVE-2016-4021_MITRE_Reply.txt for their answer.
@keisentraut Thank your your contribution to make pgpdump more stable!
Thank you for your report. This is a serious bug.
Your patch prevents the endless loop, however, disables pgpdump to analyze anything. The above patch fixes this.