On 26 June 2014 10:44, Neal Oakey <[email protected]> wrote: > Hi, > > when will this be fixed? > > Greetings, > Neal > > Am 24.06.2014 17:33, schrieb Remi Gacogne: >> Hi all, >> >> A security issue has been reported to oss-security [1] regarding a >> denial of service in GnuPG < 2.0.24. Please see the original message >> posted to oss-security or the GnuPG announcement [2] for additional >> information. >> >> The GnuPG package in Arch Linux is currently in version 2.0.23 and >> therefore seems to be vulnerable. It has already been flagged as >> out-of-date but has not been updated yet. >> >> [1] http://www.openwall.com/lists/oss-security/2014/06/24/1 >> [2] http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000345.html >> >> Best regards, >> >> Remi >> >> >
GnuPG 2.0.24 is currently in [testing]. https://www.archlinux.org/packages/testing/i686/gnupg/ It should hit "stable" repo as soon as it gets its signoffs.
