From 987ef7a6b59d13fc33ce5ebcbc8ea99e57292f94 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dominik=20Sch=C3=BCrmann?= Date: Thu, 5 Jan 2017 21:54:42 +0100 Subject: [PATCH] Updated cure53 Security Audit 2015 (markdown) --- cure53-Security-Audit-2015.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cure53-Security-Audit-2015.md b/cure53-Security-Audit-2015.md index 2227082..93718d1 100644 --- a/cure53-Security-Audit-2015.md +++ b/cure53-Security-Audit-2015.md @@ -1,6 +1,6 @@ The Security Audit can be downloaded at https://cure53.de/pentest-report_openkeychain.pdf -All identified vulnerabilities has been discussed with cure53 and fixed in OpenKeychain 3.6. Only OKC-01-006 has not been fixed because it is not in our threat model. We will work on two "Miscellaneous Issues" (not vulnerabilities) for a future version of OpenKeychain. +All identified vulnerabilities has been discussed with cure53 and fixed in OpenKeychain 3.6. OKC-01-006 has been fixed in 4.2. We will work on two "Miscellaneous Issues" (not vulnerabilities) for a future version of OpenKeychain. ## Identified Vulnerabilities ### OKC-01-001 Private Keys can be imported from Keyserver (Medium)