[pkg-gnupg-maint] Bug#1100074: gpg: gpg changes representation of certifications from expired certs, breaks test suite for GnuPG::Interface
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Mar 11 00:07:58 GMT 2025
Package: gpg
Version: 2.2.46-4
Severity: serious
Control: notfound -1 2.2.46-3
Control: affects -1 + libgnupg-interface-perl
Control: forwarded -1 https://dev.gnupg.org/T7547#198934
The fix for #1099141 introduced a new regression in the behavior of
GnuPG when evaluating certifications from expired OpenPGP certificates.
I've reported the problem upstream on T7547, where the attempts to
mitigate the side effects of fixing the verification DoS:
https://dev.gnupg.org/T7547#198934
GnuPG should probaby not migrate into testing until this part is also
resolved.
--dkg
-- System Information:
Debian Release: trixie/sid
APT prefers testing-debug
APT policy: (500, 'testing-debug'), (500, 'testing'), (200, 'unstable-debug'), (200, 'unstable'), (1, 'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 6.12.12-amd64 (SMP w/20 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages gpg depends on:
ii gpgconf 2.2.46-4
ii libassuan9 3.0.2-2
ii libbz2-1.0 1.0.8-6
ii libc6 2.40-7
ii libgcrypt20 1.11.0-7
ii libgpg-error0 1.51-3
ii libreadline8t64 8.2-6
ii libsqlite3-0 3.46.1-1
ii zlib1g 1:1.3.dfsg+really1.3.1-1+b1
Versions of packages gpg recommends:
ii gnupg 2.2.46-4
gpg suggests no packages.
-- no debconf information
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-gnupg-maint/attachments/20250310/23479472/attachment.sig>
More information about the pkg-gnupg-maint
mailing list