GNU bug report logs - #26587
26.0.50; Gnus signs with false S/MIME key

Previous Next

Packages: gnus, emacs;

Reported by: Torsten Bronger <bronger <at> physik.rwth-aachen.de>

Date: Fri, 21 Apr 2017 11:42:02 UTC

Severity: normal

Tags: fixed, security

Found in version 26.0.50

Fixed in version 27.1

Done: Lars Ingebrigtsen <larsi <at> gnus.org>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Lars Ingebrigtsen <larsi <at> gnus.org>
To: Torsten Bronger <bronger <at> physik.rwth-aachen.de>
Cc: 26587 <at> debbugs.gnu.org
Subject: bug#26587: 26.0.50; Gnus signs with false S/MIME key
Date: Fri, 11 Oct 2019 09:29:58 +0200

Torsten Bronger <bronger <at> physik.rwth-aachen.de> writes:

> I don’t know how to edebug, so before learning this, I wrote a
> wrapper for gpgsm, logging the parameters.  When sending the
> message, gpgsm is called once, with the parameters
>
> gpgsm --no-tty --status-fd 1 --yes --output /tmp/epg-outputmEnG08 --detach-sign
>
> In particular, I don’t see "-u"s here.

Ah, right.  Since mml-secure-smime-signers was nil for you, then no -u
is added, and gpgsm will (by itself) default to the first certificate in
its store.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no

This bug report was last modified 4 years and 296 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #26587 26.0.50; Gnus signs with false S/MIME key

GNU bug report logs - #26587
26.0.50; Gnus signs with false S/MIME key