Package: gnupg2 Version: 2.0.19-1 Severity: critical Tags: security Justification: root security hole
Hi. This is a follow up for #697108 and CVE-2012-6085. While it seems that all world fixes this only for gpg 1.4.x Werner's bug entry[0,1] implies that 2.x is also affected. Could you please have a look? btw: Marking as root security hole, because people may use gpg2 to e.g. manually verify packages before installing them. Yeah I know,... apt would use gpg1 where it is already fixed. But better too high severity, than sorry ;) Cheers, Chris. [0] https://bugs.g10code.com/gnupg/issue1455 [1] https://bugs.g10code.com/gnupg/msg4493 -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org