Mandrake Linux Security Advisory : gnupg (MDKSA-2000:087)
Medium Nessus Plugin ID 61873
SynopsisThe remote Mandrake Linux host is missing a security update.
DescriptionWhen importing keys from public key servers, GnuPG will import private keys (also known as secret keys) in addition to public keys. If this happens, the user's web of trust becomes corrupt. Additionally, when used to check detached signatures, if the data file being checked contains clearsigned data, GnuPG will not warn the user if the detached signature is incorrect.
SolutionUpdate the affected gnupg package.