Package "gpgv-static"

Name:	gpgv-static
Description:	minimal signature verification tool (static build)
Latest version:	2.4.4-2ubuntu23.1
Release:	plucky (25.04)
Level:	security
Repository:	universe
Head package:	gnupg2
Homepage:	https://www.gnupg.org/

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "gpgv-static"

32-bit deb package

64-bit deb package

APT INSTALL

Other versions of "gpgv-static" in Plucky

Repository	Area	Version
base	universe	2.4.4-2ubuntu23
updates	universe	2.4.4-2ubuntu23.1

Changelog

Version: 2.4.4-2ubuntu23.1 2025-07-08 23:18:59 UTC

gnupg2 (2.4.4-2ubuntu23.1) plucky-security; urgency=medium * debian/patches/fix-key-validity-regression-due-to-CVE-2025- 30258.patch: - Fix a key validity regression following patches for CVE-2025-30258, causing trusted "certify-only" primary keys to be ignored when checking signature on user IDs and computing key validity. This regression makes imported keys signed by a trusted "certify-only" key have an unknown validity (LP: #2114775). -- dcpi <dcpi@u22vm> Thu, 26 Jun 2025 18:13:59 +0000

2114775	Key validity not computed when key is certified by a trusted \
CVE-2025-30258	In GnuPG before 2.5.5, if a user chooses to import a certificate with certain crafted subkey data that lacks a valid backsig or that has incorrect us

About - Send Feedback to @ubuntu_updates

Package "gpgv-static"

Links

Download "gpgv-static"

Other versions of "gpgv-static" in Plucky

Changelog

Share this page

Bookmarks

Latest updates

proposed

updates

PPA updates