Package: debian-security-support Version: 1:12+2025.05.10 Severity: important
... if a binary package containing the source package's name is not
installed.
Example, if I manually install gpgv1 on a bookworm clean environment,
check-security-support reports nothing:
dpkg -l gpgv1:
ii gpgv1 1.4.23-1.1+b1 amd64 GNU privacy guard - signature
verification tool (deprecated "classic" version)
Installing gnupg1 (or only gnupg1-l10n) makes check-security-support to
report the relevant packages, including gpgv1:
Limited security support for one or more packages
Unfortunately, it has been necessary to limit security support for some
packages.
The following packages found on this system are affected by this:
* Source:gnupg1
Details: See #982258 and
https://www.debian.org/releases/stretch/amd64/release-notes/ch-whats-new.en.html#modern-gnupg
Affected binary packages:
- gnupg1 (installed version: 1.4.23-1.1+b1)
- gnupg1-l10n (installed version: 1.4.23-1.1)
- gpgv1 (installed version: 1.4.23-1.1+b1)
1:13+2025.05.07, on a trixie machine(*) correctly reports gpgv1, even if
installed alone:
The following packages found on this system are affected by this:
* Source:gnupg1
Details: See #982258 and
https://www.debian.org/releases/stretch/amd64/release-notes/ch-whats-new.en.html#modern-gnupg
Affected binary package:
- gpgv1 (installed version: 1.4.23-3)
(*) hacking /etc/debian_version, replacing the content with 13.0
signature.asc
Description: PGP signature
