| Release | Version |
|---|---|
| stretch | 1.4.21-4+deb9u1 |
| buster | 1.4.23-1 |
| bullseye | 1.4.23-1.1 |
| bookworm | 1.4.23-1.1 |
| trixie | 1.4.23-2 |
| sid | 1.4.23-2 |
| Bug | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-7526 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | libgcrypt before version 1.7.8 is vulnerable to a cache side-channel a ... |
| Bug | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-34903 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | GnuPG through 2.3.6, in unusual situations where an attacker possesses ... |
| CVE-2022-3219 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | GnuPG can be made to spin on a relatively small input by (for example) ... |
| CVE-2019-14855 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | A flaw was found in the way certificate signatures could be forged usi ... |
| CVE-2018-6829 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt mess ... |
| Bug | Description |
|---|---|
| CVE-2018-1000858 | GnuPG version 2.1.12 - 2.2.11 contains a Cross ite Request Forgery (CS ... |
| CVE-2018-12020 | mainproc.c in GnuPG before 2.2.8 mishandles the original filename duri ... |
| CVE-2016-6313 | The mixing functions in the random number generator in Libgcrypt befor ... |
| DSA / DLA | Description |
|---|---|
| DSA-4223-1 | gnupg1 - security update |