Your message dated Sat, 21 Feb 2026 16:05:00 +0000
with message-id <[email protected]>
and subject line Bug#1126259: fixed in gnupg2 2.4.9-2
has caused the Debian Bug report #1126259,
regarding gpgsm: pinentry-tty options for adding trust CA correct cancel wrong
[ccw]
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1126259: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126259
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: gpgsm
Version: 2.4.7-21+deb13u1+b1
Severity: normal
Dear Maintainer,
The following situation occurs:
$ gpgsm --list-chain --with-validation
...
Do you ultimately trust
"CN=HARICA Client RSA Root CA 2021
O=Hellenic Academic and Research Institutions CA
C=GR"
to correctly certify user certificates?
Yes
Cancel
No
[ycn]? y
Please verify that the certificate identified as:
"CN=HARICA Client RSA Root CA 2021
O=Hellenic Academic and Research Institutions CA
C=GR"
has the fingerprint:
46:C6:90:0A:77:3A:B6:BC:F4:65:AD:AC:FC:E3:F7:07:00:6E:DE:6E
Correct
Cancel
Wrong
[ccw]? c
...
There are 2 identical [c], I'm not sure if this intended as correct or
cancel. With pinentry-curses you can choose by moving your marking, but on
pinentry-tty it's not possible.
Edit the file .gnupg/trustlist.txt by hand resolves the problem, but it's not
the point, to use gpgsm.
-- System Information:
Debian Release: 13.3
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 6.12.63+deb13-amd64 (SMP w/20 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE,
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages gpgsm depends on:
ii gpgconf 2.4.7-21+deb13u1+b1
ii libassuan9 3.0.2-2
ii libc6 2.41-12+deb13u1
ii libgcrypt20 1.11.0-7
ii libgpg-error0 1.51-4
ii libksba8 1.6.7-2+b1
ii libnpth0t64 1.8-3
ii libreadline8t64 8.2-6
Versions of packages gpgsm recommends:
ii gnupg 2.4.7-21+deb13u1
gpgsm suggests no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: gnupg2
Source-Version: 2.4.9-2
Done: Andreas Metzler <[email protected]>
We believe that the bug you reported is fixed in the latest version of
gnupg2, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andreas Metzler <[email protected]> (supplier of updated gnupg2 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 21 Feb 2026 15:27:53 +0100
Source: gnupg2
Architecture: source
Version: 2.4.9-2
Distribution: experimental
Urgency: low
Maintainer: Debian GnuPG Maintainers <[email protected]>
Changed-By: Andreas Metzler <[email protected]>
Closes: 1126259 1126631
Changes:
gnupg2 (2.4.9-2) experimental; urgency=low
.
[ Andreas Metzler ]
* Update gpg.fail Debian status info.
* Highlight/exclude minisign issues.
* Add accelerator keys for "Wrong" and "Correct".
Patch from uostream GIT master. (Closes: #1126259)
* Fix stack-based buffer overflow in tpm2daemon. CVE-2026-24882 Patches
(bugfix and regression) from upstream GIT master. (Closes: #1126631)
.
[ Luca Boccassi ]
* dirmngr: drop unused adduser dependency.
None of the adduser binaries are used anymore, drop the dependency.
The postinst that used it was removed shortly after it was
introduced, by commit 279bf10f4e0ccf238710a0f9881e79f16420bcb4
Checksums-Sha1:
88a11d2a4086cf6bc95f4efbbf43626e464aee09 5453 gnupg2_2.4.9-2.dsc
6bae7626c2d74d460ac06cf1d13ce7efaf558b61 103428 gnupg2_2.4.9-2.debian.tar.xz
Checksums-Sha256:
dd5684de602808ff5e8cdf9a4ed97c7e9701f9078777d9ccb171de90a8ea4e9e 5453
gnupg2_2.4.9-2.dsc
56762cd573fa95972a154d93ff69013895c8a936ee8b8dec265a88c779b24b13 103428
gnupg2_2.4.9-2.debian.tar.xz
Files:
d65b8a83ff32a309428a0f9ba57bec26 5453 utils optional gnupg2_2.4.9-2.dsc
2b8de3949775052caeda3d07f342b0ba 103428 utils optional
gnupg2_2.4.9-2.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE0uCSA5741Jbt9PpepU8BhUOCFIQFAmmZ02MACgkQpU8BhUOC
FIRU6g//RuBUp594CPjb8JB6CBHR31A27i/wUosxOL+JTi2Ufw5X5ZXBSgLBzF1+
vxXtFYQ1dWpZUYEwIkjFIFa+mgTncrZb7hqI/Syq7ulUyBvLBibx3xTG4B2XUlqN
krQFQhNMP4jEjtr1dCPsMuAwah/bap5TIB+nwqJ3XcgJ8MEzvSKmgIKyd8pglwOx
5hj2aOa5VrENYCwmK/wyVto0DED4mJKSgQuCvz9xIN0xvl4tamrGB9SENIjKNorG
faZ/2E+x2bKvQ7bqiuO08StSkcffGtaoWTkJAt8UhGamm3YaPNCTneKw1DavyS+g
asDXmuI0ziDrVTGQ5ORN+ORiPC6+yjmqOGUH3S61xOhGK0KkkuSkBuzek7moHrVd
QyqZIvhdVQKhYMfShxKl+50WcsjGF4l12aGpRG0pqYbmUv16eqOf6SAEmmORSoP7
Qi4Dl1KCuZInbeYkhrKG0YpOCPQSdlSOPzRZcPLpIMev0CCHCeSwWy4A6U7oTe4U
rkc8DMCJOYaGghbqtZC3YQGFBjD5/ZKuz5EuhMx+XiZQ/XUsDWaaGzfX+QzLbuPW
Ntldwf9fGz4Iwlx8XtkEL+bcV7XoQJwOYokoGqxvKuHg9M0yuLUEBB9ArfTs2XFv
C2wCBMkJQvNflXPBaN5AzFoQ8y2YKUq1mO2PMJ9tnemdE6pEvkI=
=CXmx
-----END PGP SIGNATURE-----
pgpLCFZfKD6xB.pgp
Description: PGP signature
--- End Message ---
