Ubuntu alert USN-7946-1 (gnupg2)
| From: | noreply+usn-bot@canonical.com | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-7946-1] GnuPG vulnerability | |
| Date: | Thu, 08 Jan 2026 20:37:42 +0000 | |
| Message-ID: | <E1vdwlK-0001vW-EL@lists.ubuntu.com> |
========================================================================== Ubuntu Security Notice USN-7946-1 January 08, 2026 gnupg2 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.10 - Ubuntu 25.04 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: GnuPG could be made to crash or run programs if it received specially crafted network traffic. Software Description: - gnupg2: GNU privacy guard - a free PGP replacement Details: It was discovered that GnuPG incorrectly handled crafted input. A remote attacker could possibly use this issue to crash the program, or execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.10 gnupg 2.4.8-2ubuntu2.1 gnupg2 2.4.8-2ubuntu2.1 gpg 2.4.8-2ubuntu2.1 Ubuntu 25.04 gnupg 2.4.4-2ubuntu23.2 gnupg2 2.4.4-2ubuntu23.2 gpg 2.4.4-2ubuntu23.2 Ubuntu 24.04 LTS gnupg 2.4.4-2ubuntu17.4 gnupg2 2.4.4-2ubuntu17.4 gpg 2.4.4-2ubuntu17.4 Ubuntu 22.04 LTS gnupg 2.2.27-3ubuntu2.5 gnupg2 2.2.27-3ubuntu2.5 gpg 2.2.27-3ubuntu2.5 Ubuntu 20.04 LTS gnupg 2.2.19-3ubuntu2.5+esm1 Available with Ubuntu Pro gnupg2 2.2.19-3ubuntu2.5+esm1 Available with Ubuntu Pro gpg 2.2.19-3ubuntu2.5+esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS gnupg 2.2.4-1ubuntu1.6+esm2 Available with Ubuntu Pro gnupg2 2.2.4-1ubuntu1.6+esm2 Available with Ubuntu Pro gpg 2.2.4-1ubuntu1.6+esm2 Available with Ubuntu Pro Ubuntu 16.04 LTS gnupg2 2.1.11-6ubuntu2.1+esm3 Available with Ubuntu Pro gpgv2 2.1.11-6ubuntu2.1+esm3 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7946-1 CVE-2025-68973 Package Information: https://launchpad.net/ubuntu/+source/gnupg2/2.4.8-2ubuntu2.1 https://launchpad.net/ubuntu/+source/gnupg2/2.4.4-2ubuntu... https://launchpad.net/ubuntu/+source/gnupg2/2.4.4-2ubuntu... https://launchpad.net/ubuntu/+source/gnupg2/2.2.27-3ubunt...
Attachment: signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE+8neBLO2Hp/ppPlOcpJm3tlzhgEFAmlfvOYACgkQcpJm3tlz hgHVGw/9Hb/D+zrP73dHI/DYf6klfKRGsuArbRf9E0ZSbTUNhbFZrMi46hbn7FcH 0PBjQX9WQGln2YO0B9dcUepj0A0LKD0vL43YxD1tDDjbdv3oy8aaBQYfRUuW+hIh jMEBbTBqPbFRnDIa7SR/tvge50ZS3x7f7ZuePiWASqxm6sCxZUbNb1NdcmAI55CB f5Rk+xO6IZi0tqXTI6l8yUHkIt3z28zSpKIBCuwhidcYx2T9TMUmYSq4MiXa8YCA zhIe8GAz+iY4+Ru6h+6kl17naDjcx+kTiBjHWqlWcuPigdjVaJU7l+4Jy8pKMSWd WxxSZe8Lf0I/56uXTwgfOQBfTJpY7FVtET1eebNAK5ZAfwnk1j/e08OtmeFQr8Dp glIrVDQiNz47SwOlUPIaEwfGVm9y6DWIwesLTWititPtEDQwKJZNOdES6VFuwube Vi3nXHE2byOCHuU11RvnC7Or3IRPsvxw7JY5nve4bmZ90FyoevulV++IYzgN4bWP EVBOhnzGwFqRLjVg5pIlxi27NUZSOvvpReg1/9Xnz7E4G3i8pALFlCDr7Bizl19y f3lDo6q5Q1Pd1mWxUqrZXK57klLUFevH0lRzKfezq/y7y5Pa6+lz4wQbFod++wZ4 3YPdVn8eXxNtFlh9YN/WF82mMI7gZ4k6fjEoLMCvl0hbjjg8ztA= =LI2w -----END PGP SIGNATURE-----