On 2026-01-08 HW42 <[email protected]> wrote: > is there a reason the updated packages aren't in debian-security yet?
Hello Simon, Yes, the reason is that the issue will not be fixed by a DSA but via the pending stable and oldstable point releases. The packages are already available for testing in the respective proposed-updates repositories. See https://alioth-lists.debian.net/pipermail/pkg-gnupg-maint/2025-December/010435.html for a bit of context. cu Andreas
