-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 01 Jan 2026 06:46:01 +0100 Source: gnupg2 Binary: gnupg gnupg-agent gnupg-l10n gnupg2 gpgv-win32 Architecture: all Version: 2.4.7-21+deb13u1 Distribution: trixie Urgency: high Maintainer: all / amd64 / i386 Build Daemon (x86-grnet-03) Changed-By: Andreas Metzler Description: gnupg - GNU privacy guard - a free PGP replacement gnupg-agent - GNU privacy guard - cryptographic agent (dummy transitional packa gnupg-l10n - GNU privacy guard - localization files gnupg2 - GNU privacy guard - a free PGP replacement (dummy transitional pa gpgv-win32 - GNU privacy guard - signature verification tool (win32 build) Closes: 1124221 Changes: gnupg2 (2.4.7-21+deb13u1) trixie; urgency=high . * Avoid potential downgrade to SHA1 in 3rd party key signatures. https://gpg.fail/sha1 #12 Patch from STABLE-BRANCH-2-4 * gpg: Error out on unverified output for non-detached signatures. https://gpg.fail/detached #1 Patch from STABLE-BRANCH-2-4 * gpg: Fix possible memory corruption in the armor parser (CVE-2025-68973) https://gpg.fail/memcpy #5 Patch from STABLE-BRANCH-2-4 (Closes: #1124221) * gpg: Do not use a default when asking for another output filename. https://gpg.fail/filename #2 Unfuzzed patch from GIT master Checksums-Sha1: 1a6a8c77550148c781ba0c4069110557a481fccb 16180 gnupg-agent_2.4.7-21+deb13u1_all.deb b4ae0f59ffe016b3e05f06fbf0cafec6f15bfd72 748620 gnupg-l10n_2.4.7-21+deb13u1_all.deb 49020108796241d4d64d614e8ca8ebf6652c1754 14930 gnupg2_2.4.7-21+deb13u1_all-buildd.buildinfo 4bae6f238a45da7a37a34a2278b01cef716b3a19 16280 gnupg2_2.4.7-21+deb13u1_all.deb e049fda4bf18eada4664faf9d5f95f5d812d0737 417112 gnupg_2.4.7-21+deb13u1_all.deb 1c1e30a4604f77d50f85c9e56700c24a3d8f9569 733360 gpgv-win32_2.4.7-21+deb13u1_all.deb Checksums-Sha256: 9b7499a86af2c75e3275b4df60e5bec4d7507c9f89e4d84186b0f8d35336afef 16180 gnupg-agent_2.4.7-21+deb13u1_all.deb 65c0b5b06123f81f08cfa9b0be313cbc9cf6255c550d70eabd8b175ce8928a35 748620 gnupg-l10n_2.4.7-21+deb13u1_all.deb cdc1f06e852ca69f4dbb592fc9e4a59c0a9fb70a9a330bd357474b352c33bf60 14930 gnupg2_2.4.7-21+deb13u1_all-buildd.buildinfo 8e20d34c10588dfe255ba0d8bb219938d93fe32ccc07385c60e9f96c7a428957 16280 gnupg2_2.4.7-21+deb13u1_all.deb e68f0fd24a7a62f1112ae3e442564e134f21040492f11d1aefa7b18de93ebf6e 417112 gnupg_2.4.7-21+deb13u1_all.deb a5994e2a845580a797d62ac3a586e7c231c5fa58fccbab946667f9059025a345 733360 gpgv-win32_2.4.7-21+deb13u1_all.deb Files: d73725293477fbc93fddc32328ad10f5 16180 oldlibs optional gnupg-agent_2.4.7-21+deb13u1_all.deb d6916f3a15c7ff13faacf22effe2f806 748620 localization optional gnupg-l10n_2.4.7-21+deb13u1_all.deb ac2f6cb4008ad18dd25b61389e6620bd 14930 utils optional gnupg2_2.4.7-21+deb13u1_all-buildd.buildinfo d844d657daf30297349d9b0e5eac35d3 16280 oldlibs optional gnupg2_2.4.7-21+deb13u1_all.deb e82a3393bd5bfe5db1fc9b3920c39609 417112 metapackages optional gnupg_2.4.7-21+deb13u1_all.deb 34d4a8f4b681c28f7e151eb35ae74be5 733360 utils optional gpgv-win32_2.4.7-21+deb13u1_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEHqtYLkdKRyCY94K8fUw6/tXbAmMFAmlW9RAACgkQfUw6/tXb AmPorw//TnYWtBAvE/yo2U+8cPZaYXtPckyC8MygLXXClFr5hJ7hhYvVzpohGKEP QJs5ZMGIrHNeUOjnfy7SCxUSa2byqnNp4lC8O3jANqwqyueNz2Bo0/VU1x7DpH/m O95/v+EW755x+QuDBW9YRaQqSEwwKAqB/T/M4ZPo3wRgkFWL6D1pTjSbRJxtfR9w FJo4xKjQrmeQ+X4SHkXMxuzvenYdQ6HvrIWeU4FvjiRb30+Q4T8QK6rIYO8tA68r W+3NtR5F68CG3hO5UCyMWEnVitemEs9lhXNWkZx++vm5hhamyN5ckUOKERXwmKUD 8hXVbS+Q0VN260JGoZ8QD4qlMr3x6QGEp3klQ0SFI+uw0u0ltquEK6zwmJRUBG2w Cgt3vWBCxwNExtQ15/VTtlsAd3s1/QSfyncoNea+3F7ItNkG0/hBxii4JJdeAzqX j13dInUGe9Pc+d+VCQ/A+8c2MY/nfUynvFPtC4SarEE5GGSD6ArqsBArEh+FUf0g sBnGf5vJ4Yvy1uQVcbDCbT0GmN+HkYv0hn4LKDsWz3uiXR8qj8HiGwUgjFU7OKty 0rruVDB7Ve0lvA+T3IHsl3eJywHH/WHhyZJW/o3KpRhOuWMo2afuPIB+rnl0Wi2f I5v12pOf85UlbiN0N/l+0jGzPaUPJ4F3gE76g5s5exmQap/txdo= =n+M3 -----END PGP SIGNATURE-----