View Issue Details

ID: 0000460
Project: Main CAcert Website
Category: GPG/PGP
View Status: public
Last Update: 2013-11-20 22:23
Reporter: evaldo
Assigned To: Sourcerer
Priority: immediate
Severity: block
Reproducibility: always
Status: closed
Resolution: fixed
Platform: Main CAcert Website
OS: N/A
Fixed in Version: 2012 Q2
Summary: 0000460: Please disable GPG signing until we have a production-quality system
Description: Numerous serious bugs have been reported and seem unresolved on the bug tracker.

This can lead to major compromise within the GPG subsystem. Therefore I request the GPG subsystem to be disabled until the bugs have been resolved.
Tags: No tags attached.
Reviewed by
Test Instructions

Relationships

related to 0000246 (closed, Sourcerer): gpg signing sometimes does not work
related to 0000258 (closed, Sourcerer): signs uids with unverified email addresses
related to 0000455 (closed): GPG key without E-mail address cannot be signed
related to 0000236 (closed, Sourcerer): I always get "No emails found on your key" when trying to sign a GPG Pubkey
related to 0000184 (closed, Sourcerer): No Resigning, when GPG-Key is signed
related to 0000208 (closed, Sourcerer): [security bug] unverified SQL injection in gpg.php
related to 0000012 (closed, Sourcerer): revoked subkeys are also tried to be signed
related to 0000227 (closed, Sourcerer): mysql_real_escape_string sometimes prevents adding of gpg keys
related to 0000057 (closed, Sourcerer): Recognize multiple GPG keys in a signing request
related to 0000251 (needs work, Sourcerer): Revoke / delete PGP certificate
related to 0000447 (closed, Sourcerer): You can have any arbitrary userid signed with the cacert root key

Activities

evaldo

2007-10-27 21:41

developer   ~0000929

System is shut down, pending security fixes. Being shut down, no major problems are expected from this system.

evaldo

2007-11-21 22:15

developer   ~0000958

Please disable it again until it is completely fixed. See note 957 on bug 447.

Please treat the _production_ system with the necessary caution; enabling it while we don't know if it's fixed was a bad move.

NEOatNHNG

2012-05-30 20:43

administrator   ~0003026

Almost all of the related issues are resolved. The one remaining is more of a feature request.

Werner Dworak

2013-01-13 11:42

updater   ~0003649

Solved for more than 3 months with no complaints.

Issue History

Date Modified Username Field Change
2007-10-24 05:09 evaldo New Issue
2007-10-24 05:09 evaldo Status new => needs work
2007-10-24 05:09 evaldo Assigned To => Sourcerer
2007-10-24 05:09 evaldo Relationship added related to 0000246
2007-10-24 05:09 evaldo Relationship added related to 0000258
2007-10-24 05:09 evaldo Relationship added related to 0000455
2007-10-24 05:10 evaldo Relationship added related to 0000236
2007-10-24 05:10 evaldo Relationship added related to 0000184
2007-10-24 05:10 evaldo Relationship added related to 0000208
2007-10-24 05:10 evaldo Relationship added related to 0000344
2007-10-24 05:11 evaldo Relationship added related to 0000012
2007-10-24 05:11 evaldo Relationship added related to 0000227
2007-10-24 05:11 evaldo Relationship added related to 0000057
2007-10-24 05:12 evaldo Relationship added related to 0000251
2007-10-24 05:15 evaldo Relationship added related to 0000232
2007-10-24 05:16 evaldo Relationship added related to 0000447
2007-10-24 06:23 evaldo Relationship deleted related to 0000344
2007-10-27 21:41 evaldo Status needs work => closed
2007-10-27 21:41 evaldo Note Added: 0000929
2007-10-27 21:41 evaldo Resolution open => suspended
2007-11-04 01:34 Sourcerer Relationship deleted related to 0000232
2007-11-21 22:15 evaldo Status closed => needs feedback
2007-11-21 22:15 evaldo Resolution suspended => reopened
2007-11-21 22:15 evaldo Note Added: 0000958
2012-05-30 20:43 NEOatNHNG Note Added: 0003026
2012-05-30 20:43 NEOatNHNG Status needs feedback => solved?
2012-05-30 20:43 NEOatNHNG Resolution reopened => fixed
2013-01-13 08:21 INOPIAE Fixed in Version => 2012 Q2
2013-01-13 11:42 Werner Dworak Note Added: 0003649
2013-01-13 11:42 Werner Dworak Status solved? => closed
2013-11-20 22:23 NEOatNHNG View Status private => public