-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 01 Jan 2026 15:54:00 +0100 Source: gnupg2 Binary: dirmngr dirmngr-dbgsym gnupg-utils gnupg-utils-dbgsym gpg gpg-agent gpg-agent-dbgsym gpg-dbgsym gpg-wks-client gpg-wks-client-dbgsym gpg-wks-server gpg-wks-server-dbgsym gpgconf gpgconf-dbgsym gpgsm gpgsm-dbgsym gpgv gpgv-dbgsym gpgv-static gpgv-static-dbgsym gpgv-udeb scdaemon scdaemon-dbgsym Architecture: ppc64el Version: 2.2.40-1.1+deb12u2 Distribution: bookworm Urgency: high Maintainer: ppc64el Build Daemon (ppc64el-conova-02) Changed-By: Daniel Kahn Gillmor Description: dirmngr - GNU privacy guard - network certificate management service gnupg-utils - GNU privacy guard - utility programs gpg - GNU Privacy Guard -- minimalist public key operations gpg-agent - GNU privacy guard - cryptographic agent gpg-wks-client - GNU privacy guard - Web Key Service client gpg-wks-server - GNU privacy guard - Web Key Service server gpgconf - GNU privacy guard - core configuration utilities gpgsm - GNU privacy guard - S/MIME version gpgv - GNU privacy guard - signature verification tool gpgv-static - minimal signature verification tool (static build) gpgv-udeb - minimal signature verification tool (udeb) scdaemon - GNU privacy guard - smart card support Closes: 1124221 Changes: gnupg2 (2.2.40-1.1+deb12u2) bookworm; urgency=high . * Address four issues from https://gpg.fail, including: + Fix CVE-2025-68973 (Closes: #1124221) + Avoid potential downgrade to SHA1 in 3rd party key signatures. + Error out on unverified output for non-detached signatures. + Do not use a default when asking for another output filename. * d/control: Point Vcs-Git to the correct branch Checksums-Sha1: 86b57a524bb7789324474ce69228b61d8065e611 1006780 dirmngr-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb 49f3c8d61b50dfafcc7e0b3b4cc5204c5c9fe1b5 822632 dirmngr_2.2.40-1.1+deb12u2_ppc64el.deb 6bca2a4f29a7f0ef658b29946b06a33a60ab6e33 1656012 gnupg-utils-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb 0138dd00594023de24977e4255e99abec3efd22e 960296 gnupg-utils_2.2.40-1.1+deb12u2_ppc64el.deb 93ca4a38dc91925d5b846d5e4b931cbc426587ea 17103 gnupg2_2.2.40-1.1+deb12u2_ppc64el-buildd.buildinfo d7b500d419f9fb4ad6f7dc3eb91fde680d8f93a0 984904 gpg-agent-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb 9a385bb0844216f3f477bf0db086d2f77904594a 712616 gpg-agent_2.2.40-1.1+deb12u2_ppc64el.deb 3514c85f2bb3cd92c43e91ca6506d29a612dde7c 1305896 gpg-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb 845a692f54f62f67a56ab89e2cf70b17aa6107bd 314796 gpg-wks-client-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb baf453f27819351769c1f665412fb68fda8985d7 553764 gpg-wks-client_2.2.40-1.1+deb12u2_ppc64el.deb 2f087f112b48b9afeafdc9e758d23422ca8d877c 287976 gpg-wks-server-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb 1f015c77fc2796347ed41571edf5b306c280d5af 543824 gpg-wks-server_2.2.40-1.1+deb12u2_ppc64el.deb 3007deb60f1f7e3982d4bbae8183c547e029e212 978168 gpg_2.2.40-1.1+deb12u2_ppc64el.deb 5487c7a0fad90d0b61a6b6fe06683cd53e8f0b99 390384 gpgconf-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb 60907d2058998146edccfa5cb7e6fe33a0421c47 575244 gpgconf_2.2.40-1.1+deb12u2_ppc64el.deb 5ab31a3975514159690d01267017bc66c67f1321 661464 gpgsm-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb 5331692b1d8c7b34a87b7a31c169dca24d6e7d25 688444 gpgsm_2.2.40-1.1+deb12u2_ppc64el.deb d805f7fbf61095256ae3cdaafbeb372cfc28d8c0 625428 gpgv-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb 1648554097d8870d6081a769d3569fb50de8b0e4 672552 gpgv-static-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb e0b85fdf4a7ab0beaacdd60cdeb256d526ca7ecd 1577248 gpgv-static_2.2.40-1.1+deb12u2_ppc64el.deb 2edef755edcb05670ac6315b2d01fb039963c70a 216728 gpgv-udeb_2.2.40-1.1+deb12u2_ppc64el.udeb 05fd7d17b90f0d1fcb21064954136fff16f6e484 664884 gpgv_2.2.40-1.1+deb12u2_ppc64el.deb c65fafd28ff99672214dbd3a928cea97b7c93d14 590972 scdaemon-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb 0de4ec97b68815d5684ea3398e1d1f02761de582 668228 scdaemon_2.2.40-1.1+deb12u2_ppc64el.deb Checksums-Sha256: 9ad933485786bb09e46e292fcfd0e5dd6723f70cc87001f40ef129eb8aa842d1 1006780 dirmngr-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb 3ce49e4eb6ff6508d9d0b0bd3dce90f1cb6cf9fbaf2bd910a8eac0345c3d1306 822632 dirmngr_2.2.40-1.1+deb12u2_ppc64el.deb 2025e182670a7872d32cabacdb8308684dd092f0d7c4e4cf0c1210c5ee8235f3 1656012 gnupg-utils-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb e53103d2b586ac3289e5d02da5c4072a92059fb66db73258152de4e173a047e5 960296 gnupg-utils_2.2.40-1.1+deb12u2_ppc64el.deb 6b585f7a7bf4e45dcd565f7727d6703325597b19e7846888302f6b0adba8bdbf 17103 gnupg2_2.2.40-1.1+deb12u2_ppc64el-buildd.buildinfo 6141467daa3a770721ebd6bb1813128a5c8b1c40751d62f3583d939e44363f2a 984904 gpg-agent-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb a6dc47723236ef9a50552180d882e57c01de3223071e5ff88e1d789c2121217b 712616 gpg-agent_2.2.40-1.1+deb12u2_ppc64el.deb 5199905e295fe1df4ef4859b7fbe2c2f71125c8f3bcff753cbf9db8df24f1acd 1305896 gpg-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb 0dc7043d2283e1bf514360f1bc38f009d1644f637125ef3aa576c7dcc9930c5b 314796 gpg-wks-client-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb a5808cc4a43df6f0deca5bcc44452758d5a3bf0a942ac810e472a3ecd4df326a 553764 gpg-wks-client_2.2.40-1.1+deb12u2_ppc64el.deb a823814763f7e83b1f85dd2b98361bf762fe3e297cf3aea3d1633a99f453acc3 287976 gpg-wks-server-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb 83de8f4cb3475f6ddccc840ded21779c2b437855887699afd867ee703fd12410 543824 gpg-wks-server_2.2.40-1.1+deb12u2_ppc64el.deb 889a640b63bcf9b788903000a796b41939a1e8a275c320b23eb3c7d7ec25c605 978168 gpg_2.2.40-1.1+deb12u2_ppc64el.deb 3b72ca71b4df31ebc8e704f848e71e34b127c62e888e9965549c538c4466ccc9 390384 gpgconf-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb b50c04d471d8660ffcb9417bb8dac35d01aa13b9d70901729ae699e86a958f86 575244 gpgconf_2.2.40-1.1+deb12u2_ppc64el.deb f385b7a335fe849e0f78c8730748b77d983946cea45805457034bfede476a36d 661464 gpgsm-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb 7dbc1b2353597bd9fbe348c500340552fb2dc6d8d24bf3516d7470dd1ddbc2c1 688444 gpgsm_2.2.40-1.1+deb12u2_ppc64el.deb 117b60d2fbbb198954cacbeb153b0298a3c8c9366bbf27182a2964a1b31aafa5 625428 gpgv-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb ce76d63dd29707d84a4245beccbeb3c77f1bc91b93ade7653f53582471247bc9 672552 gpgv-static-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb ea8eec39cb397bd4e94e1afda5c5ba241aa3798bb41a63919521a4d0dc5bf219 1577248 gpgv-static_2.2.40-1.1+deb12u2_ppc64el.deb 339790d52ac9605e1199b660955f63a9cccd1117aa29424c55eb9d06a80a40c5 216728 gpgv-udeb_2.2.40-1.1+deb12u2_ppc64el.udeb 35b80eb895175c61d25c1ba1cec900c817bafb183199513a2b4bd2e888112a59 664884 gpgv_2.2.40-1.1+deb12u2_ppc64el.deb 08583a37028c3409cc604c98917f40c3830ff86f11d01b1518589e428a5d477f 590972 scdaemon-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb 6fd0af61d47058d3bc25043886de7f2f4eaf651b4584ad637f0b666cd7df5531 668228 scdaemon_2.2.40-1.1+deb12u2_ppc64el.deb Files: f1b11449277d55c779e8eb4dfdf5130d 1006780 debug optional dirmngr-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb 58e45d36901536a8247f715ff0e8bde3 822632 utils optional dirmngr_2.2.40-1.1+deb12u2_ppc64el.deb da76b2d02dbca788bfdb2be2b4abfbef 1656012 debug optional gnupg-utils-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb e6d12b68ae0390da9c734d0908cc8a6c 960296 utils optional gnupg-utils_2.2.40-1.1+deb12u2_ppc64el.deb 1c66dfb9ce63a5bc843b74e411d33f48 17103 utils optional gnupg2_2.2.40-1.1+deb12u2_ppc64el-buildd.buildinfo e6cf3c316009912ceb0f3f1d846336b3 984904 debug optional gpg-agent-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb f2b401ae5913326c9baf56cd756590ab 712616 utils optional gpg-agent_2.2.40-1.1+deb12u2_ppc64el.deb 92850e9ae44414f9d93b8aa8287964b1 1305896 debug optional gpg-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb e0b057365c0de73189aeb8c4d02f1ee1 314796 debug optional gpg-wks-client-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb 91ecc3d73e20caca8422ad7e6ac7546f 553764 utils optional gpg-wks-client_2.2.40-1.1+deb12u2_ppc64el.deb 19270686874af391b947feeef3047342 287976 debug optional gpg-wks-server-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb 7d0ec872bf52f0039e9057b9496516b3 543824 utils optional gpg-wks-server_2.2.40-1.1+deb12u2_ppc64el.deb f31d0791e1cdac55d4c0612f60248592 978168 utils optional gpg_2.2.40-1.1+deb12u2_ppc64el.deb ab3a2f093f693200e985a03ba6b49f61 390384 debug optional gpgconf-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb 2f57f8a2f49b44a0c3ac1ce0223ef6b5 575244 utils optional gpgconf_2.2.40-1.1+deb12u2_ppc64el.deb 87aaf1d8541cc8076afd0ed4d1ac86c6 661464 debug optional gpgsm-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb fc376ef1a8fa3b4bc87e839f98055cc1 688444 utils optional gpgsm_2.2.40-1.1+deb12u2_ppc64el.deb 4ed4b15e81b7977b5c94eac6489ca3f2 625428 debug optional gpgv-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb 025aa8da9030de47e8ac2f837da1683b 672552 debug optional gpgv-static-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb 912e37f792db283aec236d545f566b21 1577248 utils optional gpgv-static_2.2.40-1.1+deb12u2_ppc64el.deb 14f81b675c9e2f84dbccce2820a97021 216728 debian-installer optional gpgv-udeb_2.2.40-1.1+deb12u2_ppc64el.udeb 90b22fddd5895a41dd45d8d555e6e3b9 664884 utils important gpgv_2.2.40-1.1+deb12u2_ppc64el.deb 3c5a7f62a5b083a1d799d7cdfe3374e6 590972 debug optional scdaemon-dbgsym_2.2.40-1.1+deb12u2_ppc64el.deb 87944f6ae6c5f4a53dedb73673932a74 668228 utils optional scdaemon_2.2.40-1.1+deb12u2_ppc64el.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEySUEQfg5pZeb/U372FRWNm40e2YFAmlYYGoACgkQ2FRWNm40 e2ZV+xAAjTVQkfv+BBOa0Dm8BTpOREeGlfqECjp+RlHwcGE/LXsZxEOwLfJvHPD7 01BDJkFSgyGHHIQGvFAxggD/p1aONflaUf3Fw+p9tOK42ozxyyfb6X4ImfxMEOA7 lBeBwnVj+dtftiSjTv3TWVuJ3gIlZXF3M6VaggnGc0LXxKzWpRxwFgvjIseLImcB be4AehBX/Wj5AM0aRkELyRCuvaDF4CDP1pS8M2aKOkb/dvtzKHerkjRD8NncEzVN PNgceLiYwqIOvNNmYyJk+3wlZheHVdno1GlndlQbtxoJrf9aXqhQJiCgKxH5HFJv +9hnChybLM4tcvsEz+EeMNTpa5lb2ZtpwhQOaLOUaZtkAOrYmMnif2bvRRhI0QXp eiwfJp9PlrH4cm1xgF6mXiyZVkYXYzNab+zbCk7jArXGIhTmRgdJPwzTkPZMd9BP yN8140oUEn5fRm0P0GfSDkynAWFjv9g08OD7WEerDQbzTnFTaVQWBQOsn3WgZemk sToVCj4lKHfaVdPZm5rMDWdIgvkUEjP1RqY0IUGR3Oly07VPg7qJMNXQqTVUilc7 Uw0lPdKK3A3lYiTgUCul7mzJ8+YDXUtJDJ9q00mD54DUGokfa8E82euJwOz+3ous cKOldzwyn5umYXUHeLIB0GU3i8elbIcZNgZSzOZUI0xQmtXkLa0= =KCPu -----END PGP SIGNATURE-----