Overview

File _patchinfo of Package patchinfo.37976

<patchinfo incident="37976">
  <packager>lmulling</packager>
  <issue tracker="bnc" id="1239119">VUL-0: gpg2: verification DoS due to a malicious subkey in the keyring</issue>
  <issue tracker="bnc" id="1239817"></issue>
  <issue tracker="bnc" id="1236931"></issue>
  <issue tracker="cve" id="2025-30258"></issue>
  <category>security</category>
  <rating>low</rating>
  <summary>Recommended update for gpg2</summary>
  <description>This update for gpg2 fixes the following issues:

- CVE-2025-30258: Fixed DoS due to a malicious subkey in the keyring (bsc#1239119).

Other bugfixes:

- Do not install expired sks certificate (bsc#1243069).
- gpg hangs when importing a key (bsc#1236931).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places