On Sun 2019-07-21 15:55:28 -0400, Daniel Kahn Gillmor wrote:
> Package: release.debian.org
> Severity: normal
> Tags: buster
> User: release.debian.org@packages.debian.org
> Usertags: pu
> Control: affects -1 src:gnupg2
>
> The version of GnuPG in debian buster (2.2.12-1) has a number of
> outstanding bugs related to OpenPGP certificate management and network
> access. Many of these concerns are addressed in some of the patches
> in upstream's STABLE-BRANCH-2-2 series.
>
> The debdiff (attached) is basically a slew of bugfix, documentation,
> stability, and efficiency patches cherry-picked from upstream, plus
> some additional changes to reduce the exposure of debian users to
> malicious attack on the SKS keyserver network, and some improvements
> in the continuous integration test suite.
ping on this? i'd appreciate any feedback about its prospects for
fixing problems for users of debian buster.
--dkg
Attachment:
signature.asc
Description: PGP signature