Am Dienstag 18 Oktober 2022 09:55:12 schrieb Werner Koch via Gnupg-users: > On Tue, 18 Oct 2022 08:59, Alessandro Vesely said: > > > If you see a version number of 1.6.2 or newer, you got the fix. > > Debian fix kept the old version number 1.5.0-3, though:
The libksba8 debian packages for Buster and Bullseye are 1.3.5-2+deb10u1 1.5.0-3+deb11u1 and yes, the proposed check with gpgconf --show-versions is not a test for Debian, check the package version instead. > FWIW: Debian thus misses For the upcoming version Debian of course has 1.6.2-3 and thus gets the new features. Thanks to the maintainers (Andres Metzler and Markus Koschany did the uploads). *wave* See https://security-tracker.debian.org/tracker/CVE-2022-3515 It seems Debian was quite fast to react. :) Regards, Bernhard -- https://intevation.de/~bernhard +49 541 33 508 3-3 Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998 Geschäftsführer Frank Koormann, Bernhard Reiter
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
