-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 01 Jan 2026 15:54:00 +0100 Source: gnupg2 Binary: dirmngr dirmngr-dbgsym gnupg-utils gnupg-utils-dbgsym gpg gpg-agent gpg-agent-dbgsym gpg-dbgsym gpg-wks-client gpg-wks-client-dbgsym gpg-wks-server gpg-wks-server-dbgsym gpgconf gpgconf-dbgsym gpgsm gpgsm-dbgsym gpgv gpgv-dbgsym gpgv-static gpgv-static-dbgsym gpgv-udeb scdaemon scdaemon-dbgsym Architecture: amd64 Version: 2.2.40-1.1+deb12u2 Distribution: bookworm Urgency: high Maintainer: amd64 / i386 Build Daemon (x86-csail-01) Changed-By: Daniel Kahn Gillmor Description: dirmngr - GNU privacy guard - network certificate management service gnupg-utils - GNU privacy guard - utility programs gpg - GNU Privacy Guard -- minimalist public key operations gpg-agent - GNU privacy guard - cryptographic agent gpg-wks-client - GNU privacy guard - Web Key Service client gpg-wks-server - GNU privacy guard - Web Key Service server gpgconf - GNU privacy guard - core configuration utilities gpgsm - GNU privacy guard - S/MIME version gpgv - GNU privacy guard - signature verification tool gpgv-static - minimal signature verification tool (static build) gpgv-udeb - minimal signature verification tool (udeb) scdaemon - GNU privacy guard - smart card support Closes: 1124221 Changes: gnupg2 (2.2.40-1.1+deb12u2) bookworm; urgency=high . * Address four issues from https://gpg.fail, including: + Fix CVE-2025-68973 (Closes: #1124221) + Avoid potential downgrade to SHA1 in 3rd party key signatures. + Error out on unverified output for non-detached signatures. + Do not use a default when asking for another output filename. * d/control: Point Vcs-Git to the correct branch Checksums-Sha1: e9481a5e6b0bcedb6dc1913de13c6d06e36691ba 990080 dirmngr-dbgsym_2.2.40-1.1+deb12u2_amd64.deb c97147d6202b922d1bec8b3f4bf2d2783dcb2979 792544 dirmngr_2.2.40-1.1+deb12u2_amd64.deb 2366a05eb813e15f428385f02b3470677a8d1c7f 1644880 gnupg-utils-dbgsym_2.2.40-1.1+deb12u2_amd64.deb 76586467b7077980fb89791776df9317a3777ae4 927232 gnupg-utils_2.2.40-1.1+deb12u2_amd64.deb 50705bfbb73dc5015e41fcaac568c6f87a796156 16981 gnupg2_2.2.40-1.1+deb12u2_amd64-buildd.buildinfo fc8f74a76c2b4567f15c7a5b1e8621e690733046 1000684 gpg-agent-dbgsym_2.2.40-1.1+deb12u2_amd64.deb 540d9b3a654b86496aafbb4b0b0aa1ec99ae6533 694596 gpg-agent_2.2.40-1.1+deb12u2_amd64.deb 339830c675042a3ae50b6b4bccc2ecfa1ce67513 1282848 gpg-dbgsym_2.2.40-1.1+deb12u2_amd64.deb 51a54ec7de4423c3609700e458113b4ce48b2eda 306908 gpg-wks-client-dbgsym_2.2.40-1.1+deb12u2_amd64.deb 1cb00b56ec6d8f73ed334f7457b7931955fa2ee0 540932 gpg-wks-client_2.2.40-1.1+deb12u2_amd64.deb cb9fd8c0cf32f99caa8d5ddbc59895f0ac115b9f 281972 gpg-wks-server-dbgsym_2.2.40-1.1+deb12u2_amd64.deb 4b907982651d5d7bf6fc8aeefa4c0387e80deaf0 531476 gpg-wks-server_2.2.40-1.1+deb12u2_amd64.deb 78a53f9aa80df3b110694ab0f5158226b120927e 949888 gpg_2.2.40-1.1+deb12u2_amd64.deb d116b06f7f42b8c500b482ad734c49eabdc97c03 393364 gpgconf-dbgsym_2.2.40-1.1+deb12u2_amd64.deb 5e7ffa58ff2b3be70905f8b5ba5419f422ec876f 564852 gpgconf_2.2.40-1.1+deb12u2_amd64.deb 9d8800958a2265727edeb5a7b733d6710b5c687d 652208 gpgsm-dbgsym_2.2.40-1.1+deb12u2_amd64.deb c374a0dfc019f983194212707e4db965d17d08b0 671420 gpgsm_2.2.40-1.1+deb12u2_amd64.deb 6cecaac65e78a7faf96088ad3323cfa4992394a8 615244 gpgv-dbgsym_2.2.40-1.1+deb12u2_amd64.deb 1af9d38ec982e0ce474d007dfee98952f00e2016 667184 gpgv-static-dbgsym_2.2.40-1.1+deb12u2_amd64.deb a558556ed5dc266113ac08d282b1a8b0610cd562 1495560 gpgv-static_2.2.40-1.1+deb12u2_amd64.deb a85a75ffc7eaddac29eaf425c0f7077043bc182f 200352 gpgv-udeb_2.2.40-1.1+deb12u2_amd64.udeb 4f4a8e64dad17f0592a9766e7e00295b8fb6ed89 648768 gpgv_2.2.40-1.1+deb12u2_amd64.deb 462e0f49a8bb38422ac3565fa40a6943a896994b 572536 scdaemon-dbgsym_2.2.40-1.1+deb12u2_amd64.deb 772295b6bd84fe23a1712951f08f3ac134d3b907 649372 scdaemon_2.2.40-1.1+deb12u2_amd64.deb Checksums-Sha256: 80421b2860145427d2b5bf38beba2d93592974a799eda2425d0b829950852afc 990080 dirmngr-dbgsym_2.2.40-1.1+deb12u2_amd64.deb eabfd0d1c36729953794ad1f44536dda982b17d1177de6bd88f3e2d5b8b5de6d 792544 dirmngr_2.2.40-1.1+deb12u2_amd64.deb 48e94c4099e82450078351977c1d2fb372e2aeade1d740a9b1eeddf282d8a634 1644880 gnupg-utils-dbgsym_2.2.40-1.1+deb12u2_amd64.deb 2debe27465da15044af798a57c7c2c4e4832c1ed3f7dfefe1f233ffbce3a7a0f 927232 gnupg-utils_2.2.40-1.1+deb12u2_amd64.deb c7f2d07dfd5a7076e6fa16a490c4545471c3d118ae7d5ce6774519de18f8ad40 16981 gnupg2_2.2.40-1.1+deb12u2_amd64-buildd.buildinfo 80dc8a600449d5d8e2bb4fb5153b41551007321621b9b67ae6194f09b5fa2167 1000684 gpg-agent-dbgsym_2.2.40-1.1+deb12u2_amd64.deb 3f6b29302a0c0478358efb7e6d7b98e5a246db4287659494975423e482328caa 694596 gpg-agent_2.2.40-1.1+deb12u2_amd64.deb ac6b5b2ee4fd0a535cd6ff473b3fff7da17c66db0a5066a9b59dce6f35c4e6e5 1282848 gpg-dbgsym_2.2.40-1.1+deb12u2_amd64.deb 6a55e63d7892bacffef577091beb7dec4730d982666e5d842d78fba913670d7a 306908 gpg-wks-client-dbgsym_2.2.40-1.1+deb12u2_amd64.deb 29f98a5680a5c59d8f7ef6d188c95c6d8f5d07be8cfd64d85a9d9ce7ee032f35 540932 gpg-wks-client_2.2.40-1.1+deb12u2_amd64.deb 7cc6d6168cdaec563c31f0f9087613ef2ea997db44a001c08eecbe8e808bc6a4 281972 gpg-wks-server-dbgsym_2.2.40-1.1+deb12u2_amd64.deb 1876b0086c2cdb2847121d25c487886f262a22c0e8c04df3875d73b4fe765590 531476 gpg-wks-server_2.2.40-1.1+deb12u2_amd64.deb 5bb24757dc7206f42f419cc1309a4496d1e8ef2b1b539e095ad1c173ef6aa65d 949888 gpg_2.2.40-1.1+deb12u2_amd64.deb bfbdb27aa818d625ac7cc0fea8c6d2762192130d30d8e14e8e522ed16e3b6cd9 393364 gpgconf-dbgsym_2.2.40-1.1+deb12u2_amd64.deb ce17a8b76468d3f4d6448efdeb5dab8a2613a9e0eb2c37f0987418a0d3ebd5a0 564852 gpgconf_2.2.40-1.1+deb12u2_amd64.deb 74467d5bb1265818ada654e3a47d835452ffcf4addab48e0383c4da5e77a8980 652208 gpgsm-dbgsym_2.2.40-1.1+deb12u2_amd64.deb de6c4f4b26a0534a417f7bc0f9b70ae4dc865d9e1fd83aeb698a24bffea37f8c 671420 gpgsm_2.2.40-1.1+deb12u2_amd64.deb c755872cf59fcac264b81701b7c277bb1ad6101b47788d44210d846060de15e0 615244 gpgv-dbgsym_2.2.40-1.1+deb12u2_amd64.deb 3ab972481b83fd016b53ac297d3e15402176b79f3a36df5c39359e71da664f36 667184 gpgv-static-dbgsym_2.2.40-1.1+deb12u2_amd64.deb ef62706f03a347adcb2a795a9fd295e9f7e559da88cdec1163f40437d5d1a27b 1495560 gpgv-static_2.2.40-1.1+deb12u2_amd64.deb 6ee036bd5c29e2873e0fc595741886efdcb8d65270b64fb480e101007ef3580f 200352 gpgv-udeb_2.2.40-1.1+deb12u2_amd64.udeb 2966dc0a0b89caa65c3b4a386fa4ed0b6ca2239cd51ec40e6920507aedcdb14a 648768 gpgv_2.2.40-1.1+deb12u2_amd64.deb 45bfcc1a49bcd5ab9414f388d66f58f7f53c7e723b5fe7ebca07600ddb9358e9 572536 scdaemon-dbgsym_2.2.40-1.1+deb12u2_amd64.deb b4c7aaa75605ebc0e05721f2e06e1d275cee431770971f3c810a05aa4b9e7cce 649372 scdaemon_2.2.40-1.1+deb12u2_amd64.deb Files: 7ba5324e290ccb5f409f6e14b18db9d3 990080 debug optional dirmngr-dbgsym_2.2.40-1.1+deb12u2_amd64.deb 9a59ba46e0703f5b842f4744e08d301a 792544 utils optional dirmngr_2.2.40-1.1+deb12u2_amd64.deb 98ef660fac5544c90bf16dbb9cdfd632 1644880 debug optional gnupg-utils-dbgsym_2.2.40-1.1+deb12u2_amd64.deb abbf7c8951f5f82f7ba3fa1e4f517e3f 927232 utils optional gnupg-utils_2.2.40-1.1+deb12u2_amd64.deb d66751996c6e039eadfcfb0d0bf08ff5 16981 utils optional gnupg2_2.2.40-1.1+deb12u2_amd64-buildd.buildinfo 17668bc28fc6c2414c726f55ed9cf5db 1000684 debug optional gpg-agent-dbgsym_2.2.40-1.1+deb12u2_amd64.deb 63e9134c00bab36b6d85ae8b206c0265 694596 utils optional gpg-agent_2.2.40-1.1+deb12u2_amd64.deb 47c09c57c1d06b933b39895dcc9806cb 1282848 debug optional gpg-dbgsym_2.2.40-1.1+deb12u2_amd64.deb 96f3fa6cfcd2c763c2ca3bd3dbe51a65 306908 debug optional gpg-wks-client-dbgsym_2.2.40-1.1+deb12u2_amd64.deb 89e914a13a2e6bae2ed48f8502b968cd 540932 utils optional gpg-wks-client_2.2.40-1.1+deb12u2_amd64.deb 45f74e0d7d2399f93acb033001ef1cc9 281972 debug optional gpg-wks-server-dbgsym_2.2.40-1.1+deb12u2_amd64.deb bd0c7629bb588e5e9f99ef207547820c 531476 utils optional gpg-wks-server_2.2.40-1.1+deb12u2_amd64.deb dca580e864d1d5a514447e5a3a18e5ab 949888 utils optional gpg_2.2.40-1.1+deb12u2_amd64.deb 6528f623e7de2b99a130b1203b01fc4a 393364 debug optional gpgconf-dbgsym_2.2.40-1.1+deb12u2_amd64.deb 3dee750aaba2ef982bf4ebf185671d22 564852 utils optional gpgconf_2.2.40-1.1+deb12u2_amd64.deb 01ba668c7d78f7ad80c0601489a088e5 652208 debug optional gpgsm-dbgsym_2.2.40-1.1+deb12u2_amd64.deb 8935109fc6c91ee6afb29c2f8ce8d592 671420 utils optional gpgsm_2.2.40-1.1+deb12u2_amd64.deb 7e30d75ffb1796e2a176b7092c2b00d4 615244 debug optional gpgv-dbgsym_2.2.40-1.1+deb12u2_amd64.deb 0d9363744cd77f3851439dd5a9c48331 667184 debug optional gpgv-static-dbgsym_2.2.40-1.1+deb12u2_amd64.deb 6c5b16327d841ff3eac148ee7118e757 1495560 utils optional gpgv-static_2.2.40-1.1+deb12u2_amd64.deb fd2b82a2285c6e0c77e797dd70ce05d2 200352 debian-installer optional gpgv-udeb_2.2.40-1.1+deb12u2_amd64.udeb 9175586ceff474433282ec7a1cb209c5 648768 utils important gpgv_2.2.40-1.1+deb12u2_amd64.deb db79aa9d37d8cd4c09b8fcf919d7ce9d 572536 debug optional scdaemon-dbgsym_2.2.40-1.1+deb12u2_amd64.deb 9044064f54bd7d01897e8ab3a66a6a96 649372 utils optional scdaemon_2.2.40-1.1+deb12u2_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEXNeYFUF3FbHcrtSeIy3Pg040HrAFAmlYYBMACgkQIy3Pg040 HrC2+w//ZubXBzQQusED0ZkvZQmh94MoSAAaM0ya7Ro9LUCy45eohsiWUzz3Gu6x BImEWvA4LzHfaxsx8bKuBzoEeMNoS8+VrtEthAUTqR7bkWi/Ppw+965VNfrezRM+ N0sU7vl90vDnZrSu/CG0AmxK0stVhCZh3qDu5VkUcVgXQemKBTkRBuMikLVBJlhD rF+9VsY7HTwgdZSF2+zB9o16i4DXr0++sH8JZVRMi7sByNnpMFgktm4DVd7OrR2I Vg8HoUY5cjDI3Kec7vKfJWdpLkEQ8L2F5DhdH1bFXg/uVGL52KCQ1pIN7H48kxPH H4EHR3txH5x/yXuhmbveRMNncj0FQhscy3M/rx74lI05WRXUh9DVN7mgSXuO9Y3E FKQYZ4l2Pk0nCCRAz6f5aIg1STeu2+VFzEQ0qpQmCE6JonEZPAAnDTTJtNWsR7iX MZRiPMwcNhIbT2iVRSsAN6KZHgZZWIBE7TwUJ1GA2bgCAZalSYGueDhm0VZjqvtW HTlQi3gKtEJhIJESk+mAYpWCTWuol/0l//wGX+NXyctV220sJEEWEuZrz9ZYKflb ykThO+DwdCiFMCCFMbmH/LpMco0xaDVehpQLbys4O5Fq4APVOEOmnj/VByZ9DbDP +hWXUSglHjjWOzMsM97O7zPTTjgFAgXvviv7RTI4JukDs7CUc74= =A9Q4 -----END PGP SIGNATURE-----