It looks like the gnupg package is pinned at 2.2.32 with the following
note:
;; Note2: 2.2.33 currently suffers from regressions, so do not update to it
;; (see: https://dev.gnupg.org/T5742).
However, the bug referenced here is fixed in upstream commit
4cc724639c012215f59648cbb4b7631b9d352e36, which shipped in gnupg
2.2.34. Meanwhile, all gnupg releases older than 2.2.35 suffer from
an S/MIME key-parsing bug (referenced in
https://www.mail-archive.com/gnupg-users@gnupg.org/msg40758.html).
I believe the pin on 2.2.32 can be lifted, but as gnupg is important
infrastructure I am unsure about directly submitting a patch to update
to a newer version.
Ethan
