Bugs related to MIT PGP should be sent to
[email protected]. You will
want to check
the
MIT PGP FAQ with the complete bug list for MIT PGP
before reporting a bug to make sure that the bug hasn't been reported
already. If it is a serious bug, you should also post it to
comp.security.pgp.announce or .tech. Serious bugs are bugs that affect the security of
the program, not compile errors or small logic errors.
Post all of your bug reports concerning non-MIT versions of PGP to
comp.security.pgp.tech, and forward a copy to me for possible inclusion in
future releases of the FAQ. Please be aware that the authors of PGP
might not acknowledge bug reports sent directly to them. Posting them
on USENET will give them the widest possible distribution in the
shortest amount of time.
The following list of bugs is limited to version 2.4 and later, and is
limited to the most commonly seen and serious bugs. For bugs in
earlier versions, refer to the documentation included with the
program. If you find a bug not on this list, follow the procedure
above for reporting it.
- The PGP 2.6.2 sources do not build under Linux/ELF. To build
an ELF binary for PGP 2.6.2, two changes to source files 80386.S and zmatch.S
are necessary. Both files contain an #ifdef directive
that needs to be changed. Change
#ifndef SYSV
to
#if !defined(SYSV) && !defined(__ELF__)
and change
#ifdef SYSV
to
if defined(SYSV) ||
defined(__ELF__)
.
- MIT PGP 2.6 had a bug in the key generation process which made keys
generated by it much less random. Fixed in 2.6.1.
- All versions of PGP except MIT PGP 2.6.2 are susceptible to a "buglet"
in clearsigned messages, making it possible to add text to the
beginning of a clearsigned message. The added text does not appear in
the PGP output after the signature is checked. MIT PGP 2.6.2 now does
not allow header lines before the text of a clearsigned message and
enforces RFC 822 syntax on header lines before the signature. Since
this bug appears at checking time, however, you should be aware of
this bug even if you use MIT PGP 2.6.2 - the reader may check your
signed message with a different version and not read the output.
- MIT PGP 2.6.1 was supposed to handle keys between 1024 and 2048 bits
in length, but could not. Fixed in 2.6.2.
- MIT PGP 2.6.2 was supposed to enable the generation of keys up to 2048
bits after December 25, 1994; a one-off bug puts that upper limit at
2047 bits instead. It has been reported that this problem does not
appear when MIT PGP is compiled under certain implementations of Unix.
The problem is fixed in versions 2.7.1 and 2.6.2i, as well as the Mac
versions.
- PGP 2.6ui continues to exhibit the bug in 2.3a where conventionally
encrypted messages, when encrypted twice with the same pass phrase,
produce the same ciphertext.
- MIT MacPGP cannot find your secret key when your user ID is not
specified, even though it can find the secret keyring. This is due
to an uninitialized pointer, which is supposed to point to your user
ID. The workaround is simple: edit the configuration file so it
has
Myname = "your userid"
, and MacPGP will be able to
find your secret key. This has been fixed in FatMacPGP 2.6.2 and 2.6.3.
See also question 2.13.
- ViaCrypt has reported a bug in freeware PGP affecting at least PGP
2.3a and MIT PGP 2.6, 2.6.1, and 2.6.2. This bug affects signatures
made with keys between 2034 and 2048 bits in length, causing them to
be corrupted. Practically speaking, this bug only affects versions of
PGP that support the longer key lengths. ViaCrypt reports that this
only seems to be a problem when running PGP on a Sun SPARC-based
workstation. ViaCrypt PGP 2.7.1 and PGP 2.6.2i do not suffer from
this bug. The following patch will fix the problem in MIT PGP 2.6.2:
<===== begin patch (cut here)
- --- crypto.c.orig Mon Mar 20 22:30:29 1995
+++ crypto.c Mon Mar 20 22:55:32 1995
@@ -685,7 +685,7 @@
byte class, unitptr e, unitptr d, unitptr p, unitptr q, unitptr u,
unitptr n)
{
- - byte inbuf[MAX_BYTE_PRECISION], outbuf[MAX_BYTE_PRECISION];
+ byte inbuf[MAX_BYTE_PRECISION], outbuf[MAX_BYTE_PRECISION+2];
int i, j, certificate_length, blocksize,bytecount;
word16 ske_length;
word32 tstamp; byte *timestamp = (byte *) &tstamp;
<===== end patch (cut here)
- The initial release of PGP 2.6.2i contained a bug related to
clearsigned messages; signed messages containing international
characters would always fail. For that reason, it was immediately
pulled from distribution and re-released later, minus the bug. If you
have problems with 2.6.2i, make sure you downloaded your copy after 7
May 1995.
- As reported by Steven Markowitz <[email protected]>,
the following bugs exist in PGP 4.0 Business Edition (the commercial
version):
- Signature retirement does not work. When I retire a key signature,
PGP still treats the key as signed. If I remove the signature from
pubring.pgp, but leave the retirement certificate in the keyring, PGP
still treats the key as signed.
- Although encrypt-only keys cannot be used to sign documents, PGP
allows them to be used to make key signatures.
- The international version of PGP has the undocumented
+makerandom
command, which can generate a file full of
random data. Unfortunately, it does not work as intended, because the
random number generator is not initialized properly. This does not
affect normal PGP operation; the bug is only present when
+makerandom
is used.