[pkg-gnupg-maint] Bug#1124221: gnupg2: CVE-2025-68973
Andreas Metzler
ametzler at bebt.de
Thu Jan 8 17:20:16 GMT 2026
On 2026-01-08 HW42 <hw42 at ipsumj.de> wrote:
> is there a reason the updated packages aren't in debian-security yet?
Hello Simon,
Yes, the reason is that the issue will not be fixed by a DSA but via
the pending stable and oldstable point releases. The packages are already
available for testing in the respective proposed-updates repositories.
See
https://alioth-lists.debian.net/pipermail/pkg-gnupg-maint/2025-December/010435.html
for a bit of context.
cu Andreas
More information about the pkg-gnupg-maint
mailing list