Debian Package Tracker
Register | Log in
Subscribe

gnupg2

GNU privacy guard - a free PGP replacement (dummy transitional package)

Choose email to subscribe with

general
  • source: gnupg2 (main)
  • version: 2.2.20-1
  • maintainer: Debian GnuPG Maintainers (archive) (DMD)
  • uploaders: Eric Dorland [DMD] – Daniel Kahn Gillmor [DMD]
  • arch: all any
  • std-ver: 4.5.0
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 2.0.26-6+deb8u2
  • o-o-sec: 2.0.26-6+deb8u2
  • oldstable: 2.1.18-8~deb9u4
  • old-sec: 2.1.18-8~deb9u2
  • old-bpo: 2.2.12-1+deb10u1~bpo9+1
  • old-bpo-sl: 2.2.20-1~bpo9+1
  • stable: 2.2.12-1+deb10u1
  • stable-bpo: 2.2.20-1~bpo10+1
  • testing: 2.2.20-1
  • unstable: 2.2.20-1
versioned links
  • 2.0.26-6+deb8u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.1.18-8~deb9u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.1.18-8~deb9u4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.2.12-1+deb10u1~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.2.12-1+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.2.20-1~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.2.20-1~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 2.2.20-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • dirmngr (11 bugs: 0, 7, 4, 0)
  • gnupg (101 bugs: 0, 72, 29, 0)
  • gnupg-agent (49 bugs: 0, 39, 10, 0)
  • gnupg-l10n
  • gnupg-utils
  • gnupg2 (47 bugs: 0, 31, 16, 0)
  • gpg (13 bugs: 0, 10, 3, 0)
  • gpg-agent (6 bugs: 0, 6, 0, 0)
  • gpg-wks-client (2 bugs: 0, 2, 0, 0)
  • gpg-wks-server
  • gpgconf (1 bugs: 0, 1, 0, 0)
  • gpgsm (9 bugs: 0, 9, 0, 0)
  • gpgv (3 bugs: 0, 3, 0, 0)
  • gpgv-static
  • gpgv-udeb
  • gpgv-win32
  • gpgv2
  • scdaemon (11 bugs: 0, 9, 2, 0)
action needed
A new upstream version is available: 2.2.27 high
A new upstream version 2.2.27 is available, you should consider packaging it.
Created: 2020-07-11 Last update: 2021-01-23 17:27
Depends on packages which need a new maintainer normal
The packages that gnupg2 depends on which need a new maintainer are:
  • xloadimage (#919265)
    • Suggests: xloadimage
Created: 2020-01-09 Last update: 2021-01-23 22:39
1 bug tagged help in the BTS normal
The BTS contains 1 bug tagged help, please consider helping the maintainer in dealing with it.
Created: 2019-03-21 Last update: 2021-01-23 21:57
3 bugs tagged patch in the BTS normal
The BTS contains patches fixing 3 bugs, consider including or untagging them.
Created: 2020-10-19 Last update: 2021-01-23 21:57
lintian reports 2 warnings normal
Lintian reports 2 warnings about this package. You should make the package lintian clean getting rid of them.
Created: 2020-09-21 Last update: 2020-09-21 06:02
3 ignored security issues in stretch low
There are 3 open security issues in stretch.
3 issues skipped by the security teams:
  • CVE-2018-1000858: GnuPG version 2.1.12 - 2.2.11 contains a Cross ite Request Forgery (CSRF) vulnerability in dirmngr that can result in Attacker controlled CSRF, Information Disclosure, DoS. This attack appear to be exploitable via Victim must perform a WKD request, e.g. enter an email address in the composer window of Thunderbird/Enigmail. This vulnerability appears to have been fixed in after commit 4a4bb874f63741026bd26264c43bb32b1099f060.
  • CVE-2018-9234: GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey.
  • CVE-2019-14855: A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.
Please fix them.
Created: 2018-04-05 Last update: 2020-10-08 21:30
1 ignored security issue in buster low
There is 1 open security issue in buster.
1 issue skipped by the security teams:
  • CVE-2019-14855: A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18.
Please fix it.
Created: 2019-11-25 Last update: 2020-10-08 21:30
Build log checks report 1 warning low
Build log checks report 1 warning
Created: 2017-10-26 Last update: 2017-10-26 07:22
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.5.0).
Created: 2020-11-17 Last update: 2020-11-17 05:41
news
[rss feed]
  • [2020-05-12] Accepted gnupg2 2.2.20-1~bpo9+1 (source) into stretch-backports-sloppy->backports-policy, stretch-backports-sloppy (Debian FTP Masters) (signed by: Roger Shimizu)
  • [2020-05-07] Accepted gnupg2 2.2.20-1~bpo10+1 (source) into buster-backports (Roger Shimizu)
  • [2020-03-28] gnupg2 2.2.20-1 MIGRATED to testing (Debian testing watch)
  • [2020-03-23] Accepted gnupg2 2.2.20-1 (source) into unstable (Daniel Kahn Gillmor)
  • [2020-03-17] gnupg2 2.2.19-3 MIGRATED to testing (Debian testing watch)
  • [2020-03-09] Accepted gnupg2 2.2.19-3 (source) into unstable (Daniel Kahn Gillmor)
  • [2020-03-03] Accepted gnupg2 2.2.19-2~bpo9+1 (source) into stretch-backports-sloppy->backports-policy, stretch-backports-sloppy (Debian FTP Masters) (signed by: Roger Shimizu)
  • [2020-03-02] Accepted gnupg2 2.2.19-2~bpo10+1 (source) into buster-backports (Roger Shimizu)
  • [2020-03-01] gnupg2 2.2.19-2 MIGRATED to testing (Debian testing watch)
  • [2020-02-27] Accepted gnupg2 2.2.19-2 (source) into unstable (Daniel Kahn Gillmor)
  • [2020-01-16] Accepted gnupg2 2.2.19-1~bpo9+1 (source) into stretch-backports-sloppy->backports-policy, stretch-backports-sloppy (Roger Shimizu)
  • [2020-01-12] Accepted gnupg2 2.2.19-1~bpo10+1 (source) into buster-backports (Roger Shimizu)
  • [2020-01-11] gnupg2 2.2.19-1 MIGRATED to testing (Debian testing watch)
  • [2020-01-08] Accepted gnupg2 2.2.19-1 (source) into unstable (Daniel Kahn Gillmor)
  • [2019-09-05] Accepted gnupg2 2.2.12-1+deb10u1~bpo9+1 (source) into stretch-backports->backports-policy, stretch-backports (Roger Shimizu)
  • [2019-08-31] Accepted gnupg2 2.2.12-1+deb10u1 (source) into proposed-updates->stable-new, proposed-updates (Daniel Kahn Gillmor)
  • [2019-08-08] Accepted gnupg2 2.2.17-3~bpo9+2 (source) into stretch-backports-sloppy->backports-policy, stretch-backports-sloppy (Roger Shimizu)
  • [2019-08-06] Accepted gnupg2 2.2.17-3~bpo10+2 (source) into buster-backports (Roger Shimizu)
  • [2019-07-28] Accepted gnupg2 2.2.17-3~bpo10+1 (source amd64 all) into buster-backports, buster-backports (Roger Shimizu)
  • [2019-07-28] Accepted gnupg2 2.2.17-3~bpo9+1 (source amd64 all) into stretch-backports-sloppy->backports-policy, stretch-backports-sloppy (Roger Shimizu)
  • [2019-07-23] gnupg2 2.2.17-3 MIGRATED to testing (Debian testing watch)
  • [2019-07-17] Accepted gnupg2 2.2.17-3 (source) into unstable (Daniel Kahn Gillmor)
  • [2019-07-14] Accepted gnupg2 2.2.17-2 (source) into unstable (Daniel Kahn Gillmor)
  • [2019-07-13] gnupg2 2.2.13-2 MIGRATED to testing (Debian testing watch)
  • [2019-07-12] Accepted gnupg2 2.2.17-1 (source) into unstable (Daniel Kahn Gillmor)
  • [2019-06-18] Accepted gnupg2 2.2.16-2 (source) into experimental (Daniel Kahn Gillmor)
  • [2019-05-29] Accepted gnupg2 2.2.16-1 (source) into experimental (Daniel Kahn Gillmor)
  • [2019-05-14] Accepted gnupg2 2.2.13-2 (source) into unstable (Daniel Kahn Gillmor)
  • [2019-04-01] Accepted gnupg2 2.2.15-1 (source) into experimental (Daniel Kahn Gillmor)
  • [2019-03-20] Accepted gnupg2 2.2.14-1 (source) into experimental (Daniel Kahn Gillmor)
  • 1
  • 2
bugs [bug history graph]
  • all: 252 264
  • RC: 0
  • I&N: 188 197
  • M&W: 62 65
  • F&P: 2
  • patch: 3
  • help: 1
links
  • homepage
  • lintian (0, 2)
  • buildd: logs, checks, clang, reproducibility, cross
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
  • l10n (-, 60)
  • debci
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 2.2.20-1ubuntu2
  • 59 bugs (1 patch)
  • patches for 2.2.20-1ubuntu2

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing