Package: libgcrypt20 Version: 1.7.6-2+deb9u1 Severity: important Dear Maintainer,
importing a certificate with "gpgsm --import" that uses ecdsa-with-SHA384 as signature algorithm fails with the error message gpgsm: unknown hash algorithm '1.2.840.10045.4.3.3' gpgsm: self-signed certificate has a BAD signature: General error gpgsm: basic certificate checks failed - not imported This bug has been addressed and fixed upstream following the patch note https://dev.gnupg.org/rCa7bd2cbd3eabda88fb3cac5cbc13c21c97a7b315#7bc618ca Please implement this patch into libgcrypt20 in Debian Stretch. Kind regards, Bart -- System Information: Debian Release: 9.1 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de:en_US (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages libgcrypt20 depends on: ii libc6 2.24-11+deb9u1 ii libgpg-error0 1.26-2 libgcrypt20 recommends no packages. Versions of packages libgcrypt20 suggests: pn rng-tools <none> -- no debconf information
