gnupg2 - Debian Package Tracker

general

source: gnupg2 (main)
version: 2.2.46-6
maintainer: Debian GnuPG Maintainers (archive) (DMD)
uploaders: Daniel Kahn Gillmor [DMD] – Andreas Metzler [DMD] – Eric Dorland [DMD]
arch: all any
std-ver: 4.7.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2.2.12-1+deb10u2
o-o-sec: 2.2.12-1+deb10u2
oldstable: 2.2.27-2+deb11u2
old-sec: 2.2.27-2+deb11u2
stable: 2.2.40-1.1
testing: 2.2.46-6
unstable: 2.2.46-6
exp: 2.4.7-12

versioned links

2.2.12-1+deb10u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.2.27-2+deb11u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.2.40-1.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.2.46-6: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.4.7-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.4.7-11: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.4.7-12: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

dirmngr (11 bugs: 0, 7, 4, 0)
gnupg (93 bugs: 0, 67, 26, 0)
gnupg-agent (46 bugs: 0, 36, 10, 0)
gnupg-l10n
gnupg-utils
gnupg2 (42 bugs: 0, 27, 15, 0)
gpg (19 bugs: 0, 14, 5, 0)
gpg-agent (12 bugs: 0, 10, 2, 0)
gpg-wks-client (1 bugs: 0, 1, 0, 0)
gpg-wks-server
gpgconf (1 bugs: 0, 1, 0, 0)
gpgsm (7 bugs: 0, 7, 0, 0)
gpgv (4 bugs: 0, 4, 0, 0)
gpgv-static
gpgv-udeb
gpgv-win32
scdaemon (10 bugs: 0, 8, 2, 0)

action needed

1 bug tagged help in the BTS normal

The BTS contains 1 bug tagged help, please consider helping the maintainer in dealing with it.

Created: 2019-03-21 Last update: 2025-04-11 00:00

3 bugs tagged patch in the BTS normal

The BTS contains patches fixing 3 bugs (4 if counting merged bugs), consider including or untagging them.

Created: 2025-01-06 Last update: 2025-04-11 00:00

283 new commits since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit e24f56445aa9ce281ad7bb7cf71939767ca7c9d6
Merge: 0a352b0c 4803ae23
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Thu Apr 10 16:43:34 2025 -0400

    Merge branch 'debian/legacy-branch-2.2' into debian/unstable

commit 0a352b0c2ab02cc164b2d3fb69337bc5f9529af2
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Thu Apr 10 15:13:13 2025 -0400

    release to unstable

commit 96c4344e365c66be9b7b937b524bbeb047eea6b7
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Thu Apr 10 15:12:34 2025 -0400

    re-point to unstable

commit f4d3f9390c661b4359a232976d30e0e3cf98c1a9
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Thu Apr 10 14:57:47 2025 -0400

    d/changelog: merging in old entries

commit 6f23c53dc96221a5498964ff634799909da608a3
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Thu Apr 10 14:37:29 2025 -0400

    override warning about FreePG README

commit efd8c0120a4491df48e5364f22d7fdaee7b5cdde
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Wed Apr 9 16:03:51 2025 -0400

    d/tests/verify-openpgp: allow stderr

commit 4803ae237f2b02f410ddc0d82ca958d93bf1fbb0
Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sun Mar 30 15:59:11 2025 +0200

    Formatting fixes for migrate-pubring-from-classic-gpg.1
    
    (Thanks to Bjarni Ingi Gislason) Closes: #1100793

commit 0ae1227a3f9f9e321bc7663002500073050eb05a
Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sat Mar 22 11:35:21 2025 +0100

    upload to unstable

commit 67774c459d4ed14e7f79244345d9d90c461caaea
Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sat Mar 22 11:18:06 2025 +0100

    Revert FreePG patch for CSF newline cleanup. Closes: #1101011

commit 22ffc6f1ece34b76ce1574be36e1c19566b7ca9b
Author: Andreas Metzler <ametzler@bebt.de>
Date:   Fri Mar 21 16:16:00 2025 +0100

    Add CVE number to 2.2.46-2 changelog entry

commit 0da7fbb8dc474fd61479d9ee5569d58617224f00
Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sat Mar 15 16:20:16 2025 +0100

    Formatting fixes for gpgcompose.1 by Bjarni Ingi Gislason.
    
    Closes: #1100448

commit 3d0080be65179ad1f3f3e56f4f16c3728e9dc353
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Thu Mar 13 09:55:07 2025 -0400

    Prepare release to debian unstable

commit 766f3dd9f9aaef69d5c238436e929f966e31d21f
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Thu Mar 13 08:50:26 2025 -0400

    avoid a double-free

commit c454aa395f1786dfd7c312cf41506de7289fde31
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Fri Mar 7 16:00:46 2025 -0500

    Prepare release for Debian unstable

commit 90d84241748ffef8dec1fed3df96937a303abdcf
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Fri Mar 7 15:59:43 2025 -0500

    Avoid regression (Closes: #1099141)
    
    This backports the upstream patch to avoid a regression derived from
    the recent denial of service on signature verification.

commit bbff1927aa53a746110f6f07ae3bd5b4f364ae78
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Wed Mar 5 15:39:47 2025 -0500

    Prepare debian release

commit 17105f3a16a1dd86429cdce861ce4838b5070a2d
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Wed Mar 5 14:10:34 2025 -0500

    Verify text-mode Signatures over binary Literal Data Packets

commit 49d9cd7a11f182e353a54e3c712e69966dadc303
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Wed Mar 5 14:05:33 2025 -0500

    Support --enable-large-rsa in non-batch mode (following FreePG)

commit f239ea2571dd63b0fcee09b84f69e9cfcf70d9ff
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Wed Mar 5 14:03:20 2025 -0500

    update FreePG patches
    
    FreePG adopted "Fix newlines in CSF" patch

commit 8244b3e2dc246c3b709140d85665c56ca38622f1
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Tue Feb 18 16:21:03 2025 -0500

    prepare debian release

commit 1cea86dce3534db0e4114b2c01920dbee270f1f7
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Tue Feb 18 16:18:21 2025 -0500

    Avoid keyring DoS

commit c60002ee17c13064e829068f9c998cfd3e1238fd
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Fri Feb 21 13:30:10 2025 -0500

    Fix newline confusion around CSF

commit 55249718f334108c20fb9e8210d869e75d70371c
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Tue Feb 18 16:02:56 2025 -0500

    Disallow compressed signatures and certificates
    
    These are not used in the wild, are not specified, and represent an
    increased attack surface for GnuPG.

commit 7c1481a76d8922dc5f1e04de9be5dac735a7c87c
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Tue Feb 18 15:59:03 2025 -0500

    3 more patches adopted by FreePG
    
    (restore nl.po needed to keep a bunch of stuff that hadn't been
    shipped in the tarball we build from)
    
    (improve default digest algorithm)

commit a3d37d0e1755508015c68315805c98fbc5558dd8
Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sun Feb 2 07:35:41 2025 +0100

    block-ptrace-on-secret-daemons accepted into FreePG, rename.

commit ef71b368553a15cedd0ec3958faee69ea7850cd7
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Thu Jan 30 10:57:01 2025 -0500

    drop GSM_SKIP_SSH_AGENT_WORKAROND hack
    
    as i wrote in id:87y0ysnvp8.fsf@fifthhorseman.net,
    
    >  The link in the dropped comment doesn't say anything about GSM_SKIP_SSH_AGENT_WORKAROUND.
    >
    >  The initial mention of the environment variable i could find was in
    >  https://bugs.debian.org/855868 from 2017 (over 7 years ago), where rufo
    >  (in cc) said:
    >
    >  > At least until this patch
    >  > (https://git.gnome.org/browse/gnome-session/commit/?id=818266a898b803960ce8dd6d330c1ef6934bba46)
    >  > lands in gnome-session-bin, we also need to set
    >  > GSM_SKIP_SSH_AGENT_WORKAROUND to prevent our SSH_AUTH_SOCK from being
    >  > clobbered.  Updated script below.
    >
    >  That URL is wrong today, but correct commit is at:
    >
    >  https://gitlab.gnome.org/GNOME/gnome-session/-/commit/818266a898b803960ce8dd6d330c1ef6934bba46
    >
    >  Which was rolled into gnome-session 3.25.3.  oldoldstable is at 3.30.1,
    >  so i think this is safe to remove.
    >
    >  I've also looked at
    >  https://codesearch.debian.net/search?q=GSM_SKIP_SSH_AGENT_WORKAROUND&literal=1
    >  and there is no other package in debian that contains this string at
    >  all.

commit d335f8d165f15adf49e8cd8c6d6bb92fbb9680ef
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Fri Jan 10 15:53:41 2025 -0500

    prepare debian release

commit 81c62a01e541da8f1b266a183f19fbcd6e826cfd
Merge: bd85ebfd b7435f3e
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Fri Jan 10 15:52:54 2025 -0500

    Update upstream source from tag 'upstream/2.2.46'
    
    Update to upstream version '2.2.46'
    with Debian dir 1fd052b5662b33ff84e204b70551585e3b8ee94f

commit b7435f3e63e82aa600ed4ad5e18e6384f8fa62e3
Merge: 60df887b 7e48331a
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Fri Jan 10 15:52:49 2025 -0500

    New upstream version 2.2.46

commit bd85ebfd05ab814a38b8914a1c7bb07408af8f36
Merge: 203424d0 60df887b
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Thu Jan 9 10:32:07 2025 -0500

    Merge branch 'upstream-2.2' into debian/unstable
    
    This corrects my mistake in managing the upstream-2.2 branch during
    the merge of 2.2.46~pre1

commit 60df887bc62f45982f157c31e8afddca8943639e
Merge: 3c9584d4 724db734
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Thu Jan 9 10:30:18 2025 -0500

    Merging branch 'upstream-2.2'
    
    I failed to update my local upstream-2.2 branch before importing
    2.2.46, so these branches got de-synced.  This merge is a correction
    for that.

commit 203424d0489872f7c8132eb47c6f8db079a5450f
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Wed Jan 8 16:33:09 2025 -0500

    prepare debian release

commit 360645add019b07b5e8379e1ad47cab13d211fc6
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Wed Jan 8 16:21:54 2025 -0500

    systemd gpg-agent.socket:  announce GPG_AGENT_INFO for the benefit of gnupg1

commit 9adc9b56a885eb5c6af8bfe3eb45398b6bcdec85
Author: Richard Hansen <rhansen@rhansen.org>
Date:   Wed Nov 13 17:19:15 2024 -0500

    debian/Xsession.d/90gpg-agent: Add comment explaining GPG_AGENT_INFO
    
    That variable does nothing since v2.1.0, but gnupg1 might be
    installed.
    
    Also:
      * Inline the unnecessary `agent_sock` variable.
      * Quote parameter expansions to prevent field splitting (unlikely in
        these cases, but it's idiomatic).
      * Delete blank line at the end of the file.

commit 96cc8985b0c425b7c410710ae60908c0b322d3d2
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Wed Jan 8 16:13:03 2025 -0500

    Let gpg-agent-ssh.socket check enable-ssh-support
    
    This was originally from Richard Hansen, see
    https://salsa.debian.org/debian/gnupg2/-/merge_requests/17
    
    I also cleaned up some of the comments in the patch to make it a bit
    clearer.

commit afc711b730ac15e3b2e7a234eca3838f33ca27f0
Author: Bastien Roucariès <rouca@debian.org>
Date:   Sat Aug 13 21:09:20 2022 +0000

    Improve systemd integration of gnupg by injecting environment variable at start/stop
    
    Previously we used to set SSH_AUTH_SOCK using systemd environment.
    
    The former approach has the following drawbacks:
    
    - the lifetime of SSH_AUTH_SOCK is not tied to the lifetime of the
      service
    - it is hard to know where variables are set
    - it is hard custumize the socket variable, for instance for running
      multiple ssh-agent or testing purpuse
    
    Moreover conceptually it is better to set the environment variable in
    the same file that run the service (or socket)

commit 02ca223dbf275e7879dfa4bb3809be508f2864d3
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Wed Jan 8 15:19:53 2025 -0500

    refresh patches

commit daecc70510cb1ac253687451b6d2e483cf767373
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Wed Jan 8 15:18:39 2025 -0500

    d/changelog: update

commit 551a147ba55ac8b3359e4981443dfee0761b6ee8
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Wed Jan 8 15:17:44 2025 -0500

    drop patch applied upstream

commit 97b4c3805d00968f457edf9908c1eb1d0df7c539
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Wed Jan 8 15:16:49 2025 -0500

    prepare debian release

commit c3b4f5e833ad617b34af133316f394c64570e9dc
Merge: 5f82ed86 3c9584d4
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Wed Jan 8 15:13:32 2025 -0500

    Update upstream source from tag 'upstream/2.2.46_pre1'
    
    Update to upstream version '2.2.46~pre1'
    with Debian dir f52d193c644139b2c501d965624a24ff549909e8

commit 3c9584d4d682032dd8a91287d2b94abd64909a54
Merge: f85d326a 7e48331a
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Wed Jan 8 15:13:24 2025 -0500

    New upstream version 2.2.46~pre1

commit 5f82ed861abff8ce93ddd51f32ce5491347288c7
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Wed Jan 8 14:07:19 2025 -0500

    Collect FreePG patches together

commit 1f754e0f53e0d95b31b53c239927d4ea92ff41e0
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Wed Jan 8 13:57:32 2025 -0500

    collect more patches following FreePG naming

commit aa0485e96a3f6110221054dd6955ba476f53a913
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Wed Jan 8 12:47:22 2025 -0500

    gpgconf: override lintian complaint about distsigkey.gpg

commit 4c2aed632fe483c8d4f4ecc20a52f2a3d37f898e
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Wed Jan 8 10:13:58 2025 -0500

    fix spelling

commit d25ce64a65f286a9b927b7527d4731226fbcb27a
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Wed Jan 8 09:50:28 2025 -0500

    add lintian overrides for unused FreePG patches

commit e8951a20937560ad49ba87fb6518d36f07c7781c
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Wed Jan 8 09:36:15 2025 -0500

    prepare debian release

commit 05fd5419f6bac8726dfda1e95322d2c8d45b6c0a
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Tue Jan 7 18:25:00 2025 -0500

    drop outdated m4 files declaratively, not as patches

commit 7e48331afb611a2b39e5ae74b8806b84e54db924
Author: Werner Koch <wk@gnupg.org>
Date:   Tue Jan 7 09:23:50 2025 +0100

    Release 2.2.46

commit 076ed89deed4a57432e4d6fd871187356f7710da
Author: Werner Koch <wk@gnupg.org>
Date:   Tue Jan 7 09:24:30 2025 +0100

    po: msgmerge
    
    --

commit 09613aebf303093b76b2fc3b268393454afb093f
Author: bubu <bubub@no-log.org>
Date:   Tue Jan 7 08:23:51 2025 +0100

    po: Update french translation.
    
    --
    (proofread by the debian-l10n-french team)
    
    GnuPG-bug-id: 7469

commit 3b68847e6c082ef251c52fcd70f27fa2b4aaf409
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Mon Jan 6 14:40:10 2025 -0500

    put freepg patches first, sorted

commit 0d3d62d5ed6929f666c717ff2a1bdbf07b149988
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Sat Jan 4 12:17:53 2025 -0500

    Use freepg-labeled patches
    
    The [FreePG patchset](https://gitlab.com/freepg) is a common resource
    for GnuPG downstream packagers to track, maintain, and apply
    commonly-used patches for GnuPG that have been refused by upstream.
    
    We can use these patches to keep Debian in alignment with other
    distros.  They replace patches that we already use.

commit c8c86f25fd733136feb013f9b9eb829a24040b5b
Author: Werner Koch <wk@gnupg.org>
Date:   Thu Nov 21 09:52:46 2024 +0100

    gpg: Add the AEAD algo number to the DECRYPTION_INFO status line.
    
    * g10/decrypt-data.c (decrypt_data): Print the aead_algo
    --
    
    GnuPG-bug-id: 7398

commit 5b3fc8abaae4016423069852728461303611f866
Author: Werner Koch <wk@gnupg.org>
Date:   Tue Nov 12 12:05:37 2024 +0100

    gpgconf: Show also the used nPth version with -V
    
    * dirmngr/dirmngr.c (gpgconf_versions): Get and show nPth version.
    --
    
    Note that this requires nPth 1.8

commit fc47bdad5966d29c5b289882a8442541079a5f91
Author: Werner Koch <wk@gnupg.org>
Date:   Thu Nov 7 15:06:17 2024 +0100

    gpgtar: Make sure to create upper directories for regular files.
    
    * tools/gpgtar-extract.c (extract_directory): Factor parent directory
    creation out to ..
    (try_mkdir_p): new.
    (extract_regular): Create directory on ENOENT.
    
    * g10/pubkey-enc.c (get_it): Use log_info instead of log_error if the
    public key was not found for preference checking.
    --
    
    If tarball was created with
        tar cf tarball file1.txt foo/file2.txt
    the tarball has no entry for foo/ and thus the extraction fails. This
    patch fixes this.
    
    GnuPG-bug-id: 7380
    
    The second patch avoid a wrong exit status status line due to the use
    of log_error.  But the actual cause needs stuill needs tobe
    investigated.

commit 524a55f572899904a5d3a7e0a4f752585bfd84a3
Author: Andreas Metzler <ametzler@bebt.de>
Date:   Fri Nov 1 13:04:23 2024 +0100

    Upload to unstable

commit f0922cdf55b46f4e2e20ac3157a36dfb67a7e235
Author: Andreas Metzler <ametzler@bebt.de>
Date:   Fri Nov 1 11:54:19 2024 +0100

    Do not err on importing rev-cert for expired key.
    
    Cherry-pick 48aa9e82657902ceb7ef081c6c55adbea5dd0217 from upstream GIT
    master
    Closes: #1086140

commit d5efff90089a9043f2f15908c30cf802a4df28ae
Author: Andreas Metzler <ametzler@bebt.de>
Date:   Thu Oct 31 18:24:41 2024 +0100

    Fix regression breaking gpgme testsuite.
    
    Fix by cherry-picked from upstream STABLE-BRANCH-2-2 branch
    2ca38bee7a63c0f7185ca1dbf13da1cbc4933563
    
    Closes: #1086271

commit 6c58694a885bb9e6b0d0324eeb59e22c29ec4d30
Author: Werner Koch <wk@gnupg.org>
Date:   Thu Oct 31 15:11:55 2024 +0100

    gpg: Allow the use of an ADSK subkey as ADSK subkey.
    
    * g10/packet.h (PKT_public_key): Increased size of req_usage to 16.
    * g10/getkey.c (key_byname): Set allow_adsk in the context if ir was
    requested via req_usage.
    (finish_lookup): Allow RENC usage matching.
    * g10/keyedit.c (append_adsk_to_key): Adjust the assert.
    * g10/keygen.c (prepare_adsk): Also allow to find an RENC subkey.
    --
    
    If an ADSK is to be added it may happen that an ADSK subkey is found
    first and this should then be used even that it does not have the E
    usage.  However, it used to have that E usage when it was added.
    
    While testing this I found another pecularity: If you do
      gpg -k ADSK_SUBKEY_FPR
    without the '!' suffix and no corresponding encryption subkey is dound,
    you will get an unusabe key error.  I hesitate to fix that due to
    possible side-effects.
    
    GnuPG-bug-id: 6882
    Backported-from-master: d30e345692440b9c6677118c1d20b9d17d80f873
    
    Note that we still use the NO_AKL and not the newer TRY_LDAP in 2.2.
    We may want to backport that change as well.

commit 2ca38bee7a63c0f7185ca1dbf13da1cbc4933563
Author: NIIBE Yutaka <gniibe@fsij.org>
Date:   Thu Oct 31 11:47:55 2024 +0900

    agent: Fix status output for LISTTRUSTED.
    
    * agent/trustlist.c (istrusted_internal): When LISTMODE is enabled,
    TRUSTLISTFPR status output should be done.
    
    --
    
    GnuPG-bug-id: 7363
    Fixes-commit: 4fa82eec43e8d205fa336113f6ea554923fd6986
    Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

commit 5a55b162c6ba8024edb6b858dcb400549f78f798
Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sat Oct 26 18:29:17 2024 +0200

    New upstream version 2.2.45

commit 50e505f105c19383a0e193b6381f08b760147fed
Merge: f9de275f 724db734
Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sat Oct 26 16:36:13 2024 +0200

    Update upstream source from tag 'upstream/2.2.45'
    
    Update to upstream version '2.2.45'
    with Debian dir 505ffd0d9c71e0d7f0e317340976ef9bfa207f33

commit 724db734e3d93391dc9addf8dff2afc42777a81e
Merge: 2bb3d7ba 8e3fc26d
Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sat Oct 26 16:35:53 2024 +0200

    New upstream version 2.2.45

commit 5c0383d558cc9112c4c0984a3b2a6c98b29a92ca
Author: Werner Koch <wk@gnupg.org>
Date:   Tue Oct 22 18:24:59 2024 +0200

    Post release updates
    
    --

commit 8e3fc26d4a1e3d9e0a69198a30fd79bc564c58e6
Author: Werner Koch <wk@gnupg.org>
Date:   Tue Oct 22 15:50:33 2024 +0200

    Release 2.2.45

commit 8838e795e93e8e335117f5089d6e3bef0466af0f
Author: Werner Koch <wk@gnupg.org>
Date:   Tue Oct 22 15:50:23 2024 +0200

    po: msgmerge
    
    --

commit ae383e0e73638fbed86e6343465e3ad32c4fa267
Author: Werner Koch <wk@gnupg.org>
Date:   Tue Oct 22 15:49:50 2024 +0200

    po: Update German translation
    
    --

commit cb5f4aba57dc29271aeb2fa2799bf17c8078adbe
Author: Werner Koch <wk@gnupg.org>
Date:   Mon Oct 14 16:46:27 2024 +0200

    dirmngr: Print a brief list of URLs with LISTCRLS.
    
    * dirmngr/crlcache.c (crl_cache_list): Print a summary of URLs.
    
    * sm/call-dirmngr.c (gpgsm_dirmngr_run_command): Print a notice to
    stdout if the dirmngr has been disabled.
    --
    
    GnuPG-bug-id: 7337

commit 69a8aefa5bf77136b77383b94e34ba784c1cce89
Author: Werner Koch <wk@gnupg.org>
Date:   Thu Oct 10 18:05:57 2024 +0200

    gpgsm: Fix cached istrusted lookup.
    
    * sm/call-agent.c (gpgsm_agent_istrusted): Actually set istrusted
    list.
    --
    
    Fixes-commit: 9087c1d3637cf1c61744ece0002dc0dc5675d7c9

commit 85d8fa57db0a64f565fc8ecb4465340a2fbc9985
Author: Werner Koch <wk@gnupg.org>
Date:   Mon Oct 7 08:16:31 2024 +0200

    gpg: Emit status error for an invalid ADSK.
    
    * g10/keygen.c (prepare_adsk): Emit status error.
    --
    
    This is useful for GPGME.
    
    GnuPG-bug-id: 7322

commit a5527edebbad3a3a4a5dc93d61133f75eac6bc89
Author: Werner Koch <wk@gnupg.org>
Date:   Fri Oct 4 12:03:11 2024 +0200

    gpgsm: Add compatibility flag no-keyinfo-cache
    
    * sm/gpgsm.c (compatibility_flags): Add flag.
    * sm/gpgsm.h (COMPAT_NO_KEYINFO_CACHE): New.
    * sm/call-agent.c (gpgsm_agent_istrusted): Act upon it.
    (gpgsm_agent_keyinfo): Ditto.

commit 9087c1d3637cf1c61744ece0002dc0dc5675d7c9
Author: Werner Koch <wk@gnupg.org>
Date:   Wed Oct 2 16:44:04 2024 +0200

    gpgsm: Implement a cache for the KEYINFO queries.
    
    * sm/gpgsm.h (struct keyinfo_cache_item_s): New.
    (struct server_control_s): Add keyinfo_cache and keyinfo_cache_valid.
    * sm/call-agent.c (keyinfo_cache_disabled): New flag.
    (release_a_keyinfo_cache): New.
    (gpgsm_flush_keyinfo_cache): New.
    (struct keyinfo_status_parm_s): New.
    (keyinfo_status_cb): Implement a fill mode.
    (gpgsm_agent_keyinfo): Implement a cache.
    * sm/server.c (reset_notify): Flush the cache.
    * sm/gpgsm.c (gpgsm_deinit_default_ctrl): Ditto.
    --
    
    In almost all cases we have just a few private keys in the agent and
    thus it is better to fetch them early.  This does not work in a
    restricted connection but we take care and disable the cache in this
    case.
    
    This cache gives a a minor speed up.
    
    GnuPG-bug-id: 7308
    (cherry picked from commit 241971fac0fc52efc87ed5753a01d18b0672d900)

commit 09d4b8f496dd461a21d5ba0297710d683b16def4
Author: Werner Koch <wk@gnupg.org>
Date:   Wed Oct 2 14:20:03 2024 +0200

    gpgsm: Use a cache for ISTRUSTED queries.
    
    * sm/call-agent.c (struct istrusted_cache_s): New.
    (istrusted_cache, istrusted_cache_valid): New.
    (istrusted_cache_disabled): New.
    (flush_istrusted_cache): New.
    (struct istrusted_status_parm_s): New.
    (istrusted_status_cb): Fill the cache.
    (gpgsm_agent_istrusted): Implement a cache.
    --
    
    Not a really measurable performance improvements on Linux but maybe
    somewhat on Windows (not yet tested).  However, it does not clutter
    the log files with IPC calls returning NOT_TRUSTED.
    
    GnuPG-bug-id: 7308
    (cherry picked from commit ef2be95258d2e02659e96f6c4df5a9a1a233c8fd)

commit 4fa82eec43e8d205fa336113f6ea554923fd6986
Author: Werner Koch <wk@gnupg.org>
Date:   Tue Oct 1 18:07:32 2024 +0200

    agent: Add option --status to the LISTRUSTED command.
    
    * agent/trustlist.c (istrusted_internal): Add arg listmode and print
    new status line in this mode.  Adjust callers.
    (agent_listtrusted): Add new args ctrl and status_mode.  Get all
    trusted keys and then call is_trusted_internal for all of them.
    
    * agent/command.c (cmd_listtrusted): Add new option --status.
    --
    
    This allows in a non-restricted connection to list all trusted keys in
    one go.
    
    (cherry picked from commit 4275d5fa7a51731544d243ba16628a9958ffe3ce)

commit 269efd89a3611b2e7c29e47a69833e4837f1639a
Author: Werner Koch <wk@gnupg.org>
Date:   Tue Oct 1 12:52:46 2024 +0200

    Update NEWS
    
    --

commit 41626a16613a042e7ba2ec65420a41e63ede1f69
Author: Werner Koch <wk@gnupg.org>
Date:   Tue Oct 1 12:36:16 2024 +0200

    gpgsm: Possible improvement for some rare P12 files.
    
    * sm/minip12.c (parse_shrouded_key_bag): Increase size of salt buffer.
    --
    
    Reported on the mailing list.  The change does not seem to have a big
    regression risk, thus applied.  See below for the mail
    
    # ------------------------ >8 ------------------------
    https://lists.gnupg.org/pipermail/gnupg-users/2024-September/067312.html

commit f1e1cb0767a1802fb168188b54a20b45f2bb47f9
Author: Werner Koch <wk@gnupg.org>
Date:   Mon Jul 1 15:47:03 2024 +0200

    gpgconf: Allow listing of some new options
    
    --
    
    Also one old option.
    
    GnuPG-bug-id: 6882
    (cherry picked from commit df977729ff3879fdeab7bce339b95ee3fd8ecc42)

commit dcee2db36ba49a689625f8c4381000bb6e82ea76
Author: Werner Koch <wk@gnupg.org>
Date:   Mon Sep 30 18:22:25 2024 +0200

    gpgsm: Use a cache to speed up parent certificate lookup.
    
    * sm/gpgsm.h (COMPAT_NO_CHAIN_CACHE): New.
    (struct cert_cache_item_s, cert_cache_item_t): New.
    (struct server_control_s): Add parent_cert_cache.
    * sm/gpgsm.c (compatibility_flags): Add "no-chain-cache".
    (parent_cache_stats): New.
    (gpgsm_exit): Print the stats with --debug=memstat.
    (gpgsm_deinit_default_ctrl): Release the cache.
    * sm/certchain.c (gpgsm_walk_cert_chain): Cache the certificates.
    (do_validate_chain): Ditto.
    --
    
    This gives another boost of 30% (from 6.5 to 4.0 seconds in the test
    environment with ~1000 certs).  do_validate_chain actually brings us
    the speedup becuase the gpgsm_walk_cert_chain is not used during a key
    listing.  For the latter we actually cache all certificates because
    that was easier.
    
    GnuPG-bug-id: 7308
    
    Adjusted for 2.2:
    - Add gpgsm_deinit_default_ctrl
    - Remove ctrl arg from keydb_new

commit f9de275fd34a6b392643352f30790e469b8c7c71
Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sat Sep 28 13:30:00 2024 +0200

    Run  wrap-and-sort -ast

commit 55678cc06e49dd9a26158870773cbb007a4d640b
Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sat Sep 28 13:29:23 2024 +0200

    Add myself to uploaders.

commit 9543b3567b04aa5423852c29ecb77ff004c220f4
Author: Werner Koch <wk@gnupg.org>
Date:   Fri Sep 27 15:50:46 2024 +0200

    sm: Optmize clearing of the ephemeral flag.
    
    * kbx/keybox-search.c (keybox_get_cert): Store the blob clags in the
    cert object.
    * sm/certchain.c (do_validate_chain): Skip clearing of the ephemeral
    flag if we know that it is not set.
    --
    
    GnuPG-bug-id: 7308

commit ecda4b1e1694107000534e6f8dc6fed1947f61bd
Author: Werner Koch <wk@gnupg.org>
Date:   Wed Jun 5 17:04:33 2024 +0200

    gpg: Add magic parameter "default" to --quick-add-adsk.
    
    * g10/getkey.c (has_key_with_fingerprint): New.
    * g10/keyedit.c (menu_addadsk): Replace code by new function.
    (keyedit_quick_addadsk): Handle magic arg "default".
    * g10/keygen.c (append_all_default_adsks): New.
    --
    
    GnuPG-bug-id: 6882
    (cherry picked from commit 77afc9ee1c75a28083edf6d98888f9b472c3e39d)

commit 45ae027ce404be5ef3f89384856cf823f859e37d
Author: Werner Koch <wk@gnupg.org>
Date:   Tue Mar 21 16:30:18 2023 +0100

    gpg: New command --quick-add-adsk
    
    * g10/gpg.c (enum cmd_and_opt_values): Add aQuickAddADSK.
    (opts): Add --quick-add-adsk.
    (main): Call the actual function.
    * g10/keyedit.c (keyedit_quick_addadsk): New.
    (menu_addadsk): Add arg adskfpr and change caller.
    --
    
    GnuPG-bug-id: 6395
    (cherry picked from commit 9f27e448bf1f825906f3c53e3428087d34bbd8fc)

commit eafe17532069e7ad64904e1d04952587a9c4dbd1
Author: Werner Koch <wk@gnupg.org>
Date:   Thu Sep 26 10:37:32 2024 +0200

    gpg: New option --default-new-key-adsk and "addadsk" for edit-key.
    
    * g10/free-packet.c (copy_public_key): Factor some code out to ...
    (copy_public_key_basics): new.
    * keygen.c (keygen_add_key_flags_and_expire): Rewrite and make public.
    * g10/keyedit.c (enum cmdids): Add cmdADDADSK.
    (keyedit_menu): Add command "addadsk".
    (menu_addadsk): New.
    
    * g10/options.h (opt): Add field def_new_key_adsks.
    * g10/gpg.c (oDefaultNewKeyADSK): New.
    (opts): Add --default-new-key-adsk.
    (main): Parse option.
    * g10/keyedit.c (menu_addadsk): Factor some code out to ...
    (append_adsk_to_key): new.  Add compliance check.
    * g10/keygen.c (pADSK): New.
    (para_data_s): Add adsk to the union.
    (release_parameter_list): Free the adsk.
    (prepare_adsk): New.
    (get_parameter_adsk): New.
    (get_parameter_revkey): Remove unneeded arg key and change callers.
    (proc_parameter_file): Prepare adsk parameter from the configured
    fingerprints.
    (do_generate_keypair): Create adsk.
    --
    
    GnuPG-bug-id: 6882
    (cherry picked from commit ed118e2ed521d82c1be7765a0a19d5b4f19afe10)
    and modified to adjust to other code changes

commit 7eb39815bd73a1df93c79a75edfddfca999ab629
Author: Werner Koch <wk@gnupg.org>
Date:   Fri May 31 17:21:49 2024 +0200

    common: New function tokenize_to_strlist.
    
    * common/strlist.c (append_to_strlist_try): Factor code out to ...
    (do_append_to_strlist): new.
    (tokenize_to_strlist): New.
    
    * common/t-strlist.c (test_tokenize_to_strlist): New.
    
    (cherry picked from commit d2dca58338a4936b293c3ec6be4572d0e74b6a0d)

commit c33523a0132e047032c4d65f9dedec0297bfbef3
Author: NIIBE Yutaka <gniibe@fsij.org>
Date:   Tue Sep 17 09:24:41 2024 +0900

    common:w32: Don't expose unused functions.
    
    * common/exechelp.h [HAVE_W32_SYSTEM] (get_max_fds): Don't expose.
    (close_all_fds, get_all_open_fds): Likewise.
    * common/exechelp-w32.c: Don't expose unused functions.
    
    --
    
    GnuPG-bug-id: 7293
    Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

commit 79ab52ff42e895037c15555b2ca6df6e34b5ad17
Author: Werner Koch <wk@gnupg.org>
Date:   Wed Sep 25 15:15:51 2024 +0200

    gpg: Exclude expired trusted keys from the key validation process.
    
    * g10/trustdb.c (copy_key_item): New.
    (validate_keys): Use a stripped down UTK list w/o expired keys.
    --
    
    This patch makes sure that an expired trusted key is not used for
    trust computation.  The test case is to delete a trusted key from the
    keyring, import a copy of that key which has already expired, check
    that a signed key is not anymore fully trusted and finally import a
    prolonged version of the trusted key and check that the signed key is
    now again fully trusted.
    
    GnuPG-bug-id: 7200

commit 23d4e7f0a7963d4cb660942bf673f85ea987967d
Author: Werner Koch <wk@gnupg.org>
Date:   Wed Sep 25 14:31:46 2024 +0200

    gpg: Validate the trustdb after the import of a trusted key.
    
    * g10/import.c (import_one_real): Rename non_self to non_self_or_utk.
    If not set after chk_self_sigs check whether the imported key is an
    ultimately trusted key.
    --
    
    The revalidation mark was only set if the imported key had a new key
    signature.  This is in general correct but not if the imported key is
    a trusted key.
    
    GnuPG-bug-id: 7200

commit 3dd6887f13b42997a3c07a0e674d5d33290ac76f
Author: Werner Koch <wk@gnupg.org>
Date:   Wed Sep 25 14:04:59 2024 +0200

    gpg: Remove useless variable in validate_keys.
    
    * g10/trustdb.c (store_validation_status): Remove arg  'stored'.
    (validate_keys): Remove keyhashtable 'stored' which was never used.
    --
    
    This has been here since 2003.  The variable was never evaluated -
    only stored.
    
    Also added some comments.

commit 9e8e48e00b85b66563b1a581b0ffd8cbc5262e10
Author: Werner Koch <wk@gnupg.org>
Date:   Thu Sep 19 10:00:24 2024 +0200

    gpg: Avoid wrong decryption_failed for signed+OCB msg w/o pubkey.
    
    * g10/decrypt-data.c (struct decode_filter_context_s): Add flag
    checktag_failed.
    (aead_checktag): Set flag.
    (decrypt_data): Initially clear that flag and check the flag after the
    decryption.
    * g10/mainproc.c (proc_encrypted): Revert the log_get_errorcount based
    check.
    --
    
    This fixes a bug where for an OCB encrypted and signed message with
    the signing key missing during decryption the DECRYPTION_FAILED status
    line was printed along with "WARNING: encrypted message has been
    manipulated". This was because we use log_error to show that the
    signature could not be verified due to the missing pubkey; the
    original fix looked at the error counter and thus triggered the
    decryption failed status.
    
    Fixes-commit: 82b39fe254703776209cebb88f428bf2d1eb596b
    GnuPG-bug-id: 7042

commit d9fdc165e65706f19e60221ad00b59a88fdff567
Author: Werner Koch <wk@gnupg.org>
Date:   Tue Sep 17 13:38:35 2024 +0200

    agent: Fix detection of the trustflag de-vs.
    
    * agent/trustlist.c (read_one_trustfile): Fix comparison.
    --
    
    Fixes-commit: 6d45fcdd3c3e8d039b05f7276e7619c19fc957d1
    GnuPG-bug-Id: 5079

commit 306f1250d22771a3a229bc1db25f682985e468c6
Author: Andreas Metzler <ametzler@bebt.de>
Date:   Mon Sep 16 18:29:37 2024 +0200

    Add bug closer

commit 953f236edec2dac73ffc3f951b58ce6d4c9d62e0
Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sun Sep 15 13:45:28 2024 +0200

    Document changes

commit c7b113a0c09a03d856eca3e846bb64ec59e60fb7
Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sun Sep 15 13:36:20 2024 +0200

    Drop outdated libassuan.m4

commit b543a5458065b49b42c9168e5eae182b12ec456b
Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sun Sep 15 13:24:02 2024 +0200

    Refresh patches, drop cherry-picked one

commit 5a9311e46107f591f34d40679eed5362c243b5e8
Merge: 9e369fb7 2bb3d7ba
Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sun Sep 15 13:04:36 2024 +0200

    Update upstream source from tag 'upstream/2.2.44'
    
    Update to upstream version '2.2.44'
    with Debian dir c83b24b39e9e0826a6a84a29afa5b664a938a680

commit 2bb3d7bab032264e8b0cd1e70a8e34f7eb7c70c4
Merge: f85d326a 148a25f3
Author: Andreas Metzler <ametzler@bebt.de>
Date:   Sun Sep 15 13:04:17 2024 +0200

    New upstream version 2.2.44

commit b357ff2aa64c6a0ff17941d99feeb1174035b031
Author: Werner Koch <wk@gnupg.org>
Date:   Thu Sep 12 11:06:09 2024 +0200

    gpg: Don't bail out for unknown subkey packet versions.
    
    * g10/import.c (read_block): Don't show a warning for unbnown version
    also for non-primary-key packets.
    
    * g10/parse-packet.c (parse_key): Use log_info for unsupported v5
    packets.
    --
    
    This fixes the problem that 2.2 can't import keys with a v5 subkey.
    This fix allows a gnupg 2.6. version to export a key with an
    additional PQC subkey and 2.2 can still import the other subkeys.
    
    The second patch avoids that gpg returns with an error code.
    
    Updates-commit: de70a2f377c1647417fb8a2b6476c3744a901296

Created: 2023-02-27 Last update: 2025-04-10 23:02

1 low-priority security issue in bookworm low

There is 1 open security issue in bookworm.

1 issue left for the package maintainer to handle:

CVE-2025-30258: (needs triaging) In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect usage flags, the user loses the ability to verify signatures made from certain other signing keys, aka a "verification DoS."

You can find information about how to handle this issue in the security team's documentation.

Created: 2025-03-20 Last update: 2025-03-27 18:30

debian/patches: 36 patches to forward upstream low

Among the 42 debian patches available in version 2.2.46-6 of the package, we noticed the following issues:

36 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-02-26 Last update: 2025-03-22 21:30

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2024-05-15 Last update: 2024-05-15 10:14

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.2 instead of 4.7.0).

Created: 2025-02-21 Last update: 2025-03-22 18:27

testing migrations

excuses:
- Migration status for gnupg2 (2.2.46-6 to 2.4.7-13): BLOCKED: Maybe temporary, maybe blocked but Britney is missing information (check below)
- Issues preventing migration:
- ∙ ∙ missing build on amd64
- ∙ ∙ missing build on arm64
- ∙ ∙ missing build on armel
- ∙ ∙ missing build on armhf
- ∙ ∙ missing build on i386
- ∙ ∙ missing build on mips64el
- ∙ ∙ missing build on ppc64el
- ∙ ∙ missing build on riscv64
- ∙ ∙ missing build on s390x
- ∙ ∙ missing build on all
- ∙ ∙ arch:all not built yet, autopkgtest delayed
- ∙ ∙ Too young, only 0 of 5 days old
- Additional info:
- ∙ ∙ Piuparts tested OK - https://piuparts.debian.org/sid/source/g/gnupg2.html
- ∙ ∙ Waiting for reproducibility test results on amd64 - info ♻
- ∙ ∙ Waiting for reproducibility test results on arm64 - info ♻
- ∙ ∙ Waiting for reproducibility test results on armhf - info ♻
- ∙ ∙ Waiting for reproducibility test results on i386 - info ♻
- Not considered

news

[rss feed]

[2025-04-10] Accepted gnupg2 2.4.7-13 (source) into unstable (Daniel Kahn Gillmor) (signed by: dkg@debian.org)
[2025-04-08] Accepted gnupg2 2.4.7-12 (source) into experimental (Daniel Kahn Gillmor) (signed by: dkg@debian.org)
[2025-03-31] Accepted gnupg2 2.4.7-11 (source) into experimental (Andreas Metzler)
[2025-03-28] gnupg2 2.2.46-6 MIGRATED to testing (Debian testing watch)
[2025-03-22] Accepted gnupg2 2.2.46-6 (source) into unstable (Andreas Metzler)
[2025-03-20] gnupg2 2.2.46-5 MIGRATED to testing (Debian testing watch)
[2025-03-17] Accepted gnupg2 2.4.7-10 (source) into experimental (Andreas Metzler)
[2025-03-13] Accepted gnupg2 2.4.7-9 (source) into experimental (Daniel Kahn Gillmor) (signed by: dkg@debian.org)
[2025-03-13] Accepted gnupg2 2.2.46-5 (source) into unstable (Daniel Kahn Gillmor) (signed by: dkg@debian.org)
[2025-03-07] Accepted gnupg2 2.2.46-4 (source) into unstable (Daniel Kahn Gillmor) (signed by: dkg@debian.org)
[2025-03-07] Accepted gnupg2 2.4.7-8 (source) into experimental (Daniel Kahn Gillmor) (signed by: dkg@debian.org)
[2025-03-05] Accepted gnupg2 2.4.7-7 (source) into experimental (Daniel Kahn Gillmor) (signed by: dkg@debian.org)
[2025-03-05] Accepted gnupg2 2.2.46-3 (source) into unstable (Daniel Kahn Gillmor) (signed by: dkg@debian.org)
[2025-02-26] Accepted gnupg2 2.4.7-6 (source) into experimental (Daniel Kahn Gillmor) (signed by: dkg@debian.org)
[2025-02-26] Accepted gnupg2 2.2.46-2 (source) into unstable (Daniel Kahn Gillmor) (signed by: dkg@debian.org)
[2025-02-22] Accepted gnupg2 2.4.7-5 (source) into experimental (Daniel Kahn Gillmor) (signed by: dkg@debian.org)
[2025-02-08] Accepted gnupg2 2.4.7-4 (source) into experimental (Daniel Kahn Gillmor) (signed by: dkg@debian.org)
[2025-01-29] Accepted gnupg2 2.4.7-3 (source amd64 all) into experimental (Debian FTP Masters) (signed by: dkg@debian.org)
[2025-01-26] Accepted gnupg2 2.4.7-2 (source) into experimental (Andreas Metzler)
[2025-01-15] gnupg2 2.2.46-1 MIGRATED to testing (Debian testing watch)
[2025-01-10] Accepted gnupg2 2.2.46-1 (source) into unstable (Daniel Kahn Gillmor) (signed by: dkg@debian.org)
[2025-01-08] Accepted gnupg2 2.2.46~pre1-1 (source) into unstable (Daniel Kahn Gillmor) (signed by: dkg@debian.org)
[2025-01-08] Accepted gnupg2 2.2.45-3 (source) into unstable (Daniel Kahn Gillmor) (signed by: dkg@debian.org)
[2024-11-30] Accepted gnupg2 2.4.7-1 (source) into experimental (Andreas Metzler)
[2024-11-08] gnupg2 2.2.45-2 MIGRATED to testing (Debian testing watch)
[2024-11-04] Accepted gnupg2 2.4.6-1 (source) into experimental (Andreas Metzler)
[2024-11-01] Accepted gnupg2 2.2.45-2 (source) into unstable (Andreas Metzler)
[2024-10-26] Accepted gnupg2 2.2.45-1 (source) into unstable (Andreas Metzler)
[2024-10-17] gnupg2 2.2.44-1 MIGRATED to testing (Debian testing watch)
[2024-09-28] Accepted gnupg2 2.2.44-1 (source) into unstable (Andreas Metzler)

bugs [bug history graph]

all: 243 257
RC: 0
I&N: 182 192
M&W: 61 65
F&P: 0
patch: 3 4
help: 1

links

homepage
buildd: logs, exp, checks, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
l10n (-, 64)
debian patches
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.4.4-2ubuntu23
67 bugs (1 patch)
patches for 2.4.4-2ubuntu23