Critical vulnerability in libgcrypt 1.9.0
On January 28, a 0-day vulnerability was discovered in the libgcrypt cryptographic library by a certain Tavis Ormandy from Project Zero (a group of security specialists at Google who look for 0-day vulnerabilities). Only version 1.9.0 (now renamed on the upstream FTP server to avoid accidental downloading) is affected. Incorrect assumptions in the code can result in a buffer overflow, potentially leading to remote code execution. Overflow may […]