Chirp!
  • Login
Chirp! is a GNU Social instance for the Cooley and Sekula families and their friends.

  • Public

    • Public
    • Network
    • Groups
    • Popular
    • People

Conversation

Notices

  1. Neal Walfield (nwalfield@mastodon.social)'s status on Friday, 20-May-2022 02:33:09 UTC Neal Walfield Neal Walfield

    Thunderbird recently issued two CVEs related to unencrypted secret key material. In CVE-2021-29956, TB forgot to encrypt the secret key material for newly imported keys. In CVE-2021-29950, which introduced the previous CVE, they forgot to reprotect secret key material in memory. In this blog post, I discuss what we can learn. https://sequoia-pgp.org/blog/2021/05/22/202105-a-look-at-two-recent-cves-in-thunderbirds-openpgp-support/

    In conversation Friday, 20-May-2022 02:33:09 UTC from mastodon.social permalink

    Attachments

    1. No result found on File_thumbnail lookup.
      A Look at Two Recent CVEs in Thunderbird's OpenPGP Support
      Sequoia is a modular OpenPGP implementation in Rust.

    Feeds

    • Activity Streams
    • RSS 2.0
    • Atom
    • Help
    • About
    • FAQ
    • Privacy
    • Source
    • Version
    • Contact

    Chirp! is a social network. It runs on GNU social, version 2.0.1-beta0, available under the GNU Affero General Public License.

    Creative Commons Attribution 3.0 All Chirp! content and data are available under the Creative Commons Attribution 3.0 license.