Your message dated Sat, 10 Jan 2026 11:59:45 +0000
with message-id <[email protected]>
and subject line Released with 12.13
has caused the Debian Bug report #1124465,
regarding bookworm-pu: package gnupg2/2.2.40-1.1+deb12u2
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1124465: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1124465
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: bookworm
X-Debbugs-Cc: [email protected], [email protected], Daniel Kahn
Gillmor <[email protected]>
Control: affects -1 + src:gnupg2
User: [email protected]
Usertags: pu
Hello,
this is the pendant to #1124429 for bookworm.
We would like to fix CVE-2025-68973 and three other issues from
gnupg(dot)fail in the January oldstable update. team@security
would prefer the fix to go via stable updates because
| [...] the key benefit to have gnupg2 exposed in public via the
| proposed updates suites as soon accepted.
[ Checklist ]
[x] *all* changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in (old)stable
[x] the issue is verified as fixed in unstable
cu Andreas
gnupg2_2.2.40-1.1+deb12u2.deb.diff.gz
Description: application/gzip
signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Package: release.debian.org\nVersion: 12.13\n\nThis update has been released as
part of Debian 12.13.
--- End Message ---
