Debian Package Tracker

general

source: gnupg1 (main)
version: 1.4.23-1
maintainer: Debian GnuPG-Maintainers (archive) (DMD)
uploaders: Eric Dorland [DMD] – Daniel Kahn Gillmor [DMD] – Sune Vuorela [DMD]
arch: all any
std-ver: 4.1.4
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 1.4.21-4+deb9u1
old-sec: 1.4.21-4+deb9u1
stable: 1.4.23-1
testing: 1.4.23-1
unstable: 1.4.23-1

versioned links

1.4.21-4+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.4.23-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

gnupg1 (3 bugs: 0, 2, 1, 0)
gnupg1-l10n
gpgv1

action needed

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2019-14855: A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.

Please fix it.

Created: 2019-11-25 Last update: 2020-03-22 04:51

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2019-14855: A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.

Please fix it.

Created: 2019-11-25 Last update: 2020-03-22 04:51

Depends on packages which need a new maintainer normal

The packages that gnupg1 depends on which need a new maintainer are:

dh-exec (#851746)
- Build-Depends: dh-exec
xloadimage (#919265)
- Suggests: xloadimage

Created: 2019-11-22 Last update: 2020-05-25 16:21

lintian reports 1 warning normal

Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2020-05-21 Last update: 2020-05-21 00:02

Multiarch hinter reports 1 issue(s) low

There are issues with the multiarch metadata for this package.

gnupg1-l10n could be marked Multi-Arch: foreign

Created: 2016-09-14 Last update: 2020-05-25 16:43

1 ignored security issue in buster low

There is 1 open security issue in buster.

1 issue skipped by the security teams:

CVE-2019-14855: A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.

Please fix it.

Created: 2019-11-25 Last update: 2020-03-22 04:51

2 ignored security issues in stretch low

There are 2 open security issues in stretch.

2 issues skipped by the security teams:

CVE-2017-7526: libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 with moderately more computation. This side-channel requires that attacker can run arbitrary software on the hardware where the private RSA key is used.
CVE-2019-14855: A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.

Please fix them.

Created: 2017-08-02 Last update: 2020-03-22 04:51

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2019-07-15 Last update: 2019-07-15 08:19

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.0 instead of 4.1.4).

Created: 2018-08-20 Last update: 2020-01-21 05:05

news

[rss feed]

[2018-06-20] gnupg1 1.4.23-1 MIGRATED to testing (Debian testing watch)
[2018-06-12] Accepted gnupg1 1.4.21-4+deb9u1 (source) into proposed-updates->stable-new, proposed-updates (Salvatore Bonaccorso)
[2018-06-11] Accepted gnupg1 1.4.23-1 (source) into unstable (Daniel Kahn Gillmor)
[2018-06-08] Accepted gnupg1 1.4.21-4+deb9u1 (source) into stable->embargoed, stable (Salvatore Bonaccorso)
[2018-06-08] Accepted gnupg1 1.4.22-5 (source) into unstable (Daniel Kahn Gillmor)
[2018-02-11] gnupg1 1.4.22-4 MIGRATED to testing (Debian testing watch)
[2018-02-06] Accepted gnupg1 1.4.22-4 (source) into unstable (Daniel Kahn Gillmor)
[2017-10-02] gnupg1 1.4.22-3 MIGRATED to testing (Debian testing watch)
[2017-09-26] Accepted gnupg1 1.4.22-3 (source) into unstable (Daniel Kahn Gillmor)
[2017-09-26] Accepted gnupg1 1.4.22-2 (source) into unstable (Daniel Kahn Gillmor)
[2017-08-07] gnupg1 1.4.22-1 MIGRATED to testing (Debian testing watch)
[2017-08-02] Accepted gnupg1 1.4.22-1 (source) into unstable (Daniel Kahn Gillmor)
[2017-05-25] gnupg1 1.4.21-4 MIGRATED to testing (Debian testing watch)
[2017-03-29] Accepted gnupg1 1.4.21-4 (source) into unstable (Daniel Kahn Gillmor)
[2017-02-17] Accepted gnupg1 1.4.21-3 (source) into unstable (Daniel Kahn Gillmor)
[2016-11-19] gnupg1 1.4.21-2 MIGRATED to testing (Debian testing watch)
[2016-11-14] Accepted gnupg1 1.4.21-2 (source) into unstable (Daniel Kahn Gillmor)
[2016-09-04] gnupg1 1.4.21-1 MIGRATED to testing (Debian testing watch)
[2016-08-29] Accepted gnupg1 1.4.21-1 (source) into unstable (Daniel Kahn Gillmor)
[2016-08-18] gnupg1 1.4.20-7 MIGRATED to testing (Debian testing watch)
[2016-08-12] Accepted gnupg1 1.4.20-7 (source) into unstable (Daniel Kahn Gillmor)
[2016-08-08] Accepted gnupg1 1.4.20-6+exp5 (source) into experimental (Daniel Kahn Gillmor)
[2016-08-08] Accepted gnupg1 1.4.20-6+exp4 (source amd64 all) into experimental, experimental (Daniel Kahn Gillmor)

bugs [bug history graph]

all: 5
RC: 0
I&N: 3
M&W: 1
F&P: 1
patch: 0

links

homepage
lintian (0, 1)
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
security tracker
screenshots
l10n (-, 76)
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.4.23-1