duraconf

remove keyserver in gpg.conf and include dirmngr.conf (CVE-2019-13050)

Open lestephane opened this issue 6 years ago • 1 comments

As described in https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f

the mitigations include

  1. Open gpg.conf in a text editor. Ensure there is no line starting with keyserver. If there is, remove it.
  2. Open dirmngr.conf in a text editor. Add the line keyserver hkps://keys.openpgp.org to the end of it.

So at the very least, the gpg.conf file needs reviewing. I'm looking for a good known configuration with sane defaults, came up empty so far.

lestephane, Aug 14 '19 08:08
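The two mitigation steps quoted in the issue above, written as a script. This is an added example, not part of the issue or the linked gist; the function names are hypothetical, and it assumes only the `keyserver` option itself is meant, so `keyserver-options` lines are kept.

```shell
#!/bin/sh
# Added example: audit and fix a GnuPG home directory per the two steps above.
# Assumption: only the `keyserver` option is targeted; `keyserver-options`
# lines are a different option and are left untouched.
# Typical call: apply_mitigation "${GNUPGHOME:-$HOME/.gnupg}"

KEYSERVER_LINE='keyserver hkps://keys.openpgp.org'

# Step 1 check: print gpg.conf lines (with line numbers) that set `keyserver`.
find_gpg_keyserver_lines() {
    [ -f "$1/gpg.conf" ] || return 0
    grep -nE '^[[:space:]]*keyserver[[:space:]]' "$1/gpg.conf" || true
}

# Step 2 check: succeed if dirmngr.conf already has the recommended line.
dirmngr_has_keyserver() {
    [ -f "$1/dirmngr.conf" ] &&
        grep -qE '^[[:space:]]*keyserver[[:space:]]+hkps://keys\.openpgp\.org[[:space:]]*$' \
            "$1/dirmngr.conf"
}

# Apply both steps; any file that is changed gets a .bak copy first.
apply_mitigation() {
    gnupg_home=$1
    if [ -n "$(find_gpg_keyserver_lines "$gnupg_home")" ]; then
        cp -p "$gnupg_home/gpg.conf" "$gnupg_home/gpg.conf.bak"
        # grep -v exits 1 when nothing is left to print; that is not an error here.
        grep -vE '^[[:space:]]*keyserver[[:space:]]' "$gnupg_home/gpg.conf.bak" \
            > "$gnupg_home/gpg.conf" || true
    fi
    if ! dirmngr_has_keyserver "$gnupg_home"; then
        if [ -f "$gnupg_home/dirmngr.conf" ]; then
            cp -p "$gnupg_home/dirmngr.conf" "$gnupg_home/dirmngr.conf.bak"
        fi
        printf '%s\n' "$KEYSERVER_LINE" >> "$gnupg_home/dirmngr.conf"
    fi
}
```

Running `apply_mitigation` a second time changes nothing, so it can be used in a provisioning step as well as by hand.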

@lestephane, have you found another source on a more up-to-date and hardened gpg.conf file?

rolandog, Dec 16 '19 13:12