KeePass2 v 2.34 to fix the update security problem

KeePass2 v 2.34 to fix the update security problem
22 points by SNvD7vEJ 1 hour ago | past | web | 14 comments From the KeePass site: order to prevent a man in the middle from making KeePass display incorrect version information (even though this does not imply a successful attack, see above), the version information file is now digitally signed (using RSA-2048 and SHA-512).KeePass 2.34 and higher only accept such a digitally signed version information file. This solution is more secure than just using HTTPS, because it guarantees version information safety even when the webserver is compromised (the private key for signing the version information is not stored on the webserver).Downloads page:
The update has NOT yet been released, as of (CET 11:30 2016-06-06)

| Support
| Security
| Lists
| Bookmarklet
| Apply to YC
| Contact

Original URL:

Original article

Comments are closed.

Proudly powered by WordPress | Theme: Baskerville 2 by Anders Noren.

Up ↑

%d bloggers like this: