Arch Linux

Please read this before reporting a bug:

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!

FS#75229 - [gnupg] [security] CVE-2022-34903

Attached to Project: Arch Linux
Opened by mysta (mysta) - Monday, 04 July 2022, 00:35 GMT
Last edited by Levente Polyak (anthraxx) - Wednesday, 06 July 2022, 23:51 GMT
Task Type Bug Report
Category Packages: Core
Status Closed
Assigned To Levente Polyak (anthraxx)
Architecture All
Severity High
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 1
Private No


The attached diff adds an upstream patch to fix CVE-2022-34903.

Additional info:
This task depends upon

Closed by  Levente Polyak (anthraxx)
Wednesday, 06 July 2022, 23:51 GMT
Reason for closing:  Fixed
Additional comments about closing:  2.2.36-1
Comment by mysta (mysta) - Wednesday, 06 July 2022, 23:02 GMT
2.3.36 released, so this can be closed upon update
Comment by Levente Polyak (anthraxx) - Wednesday, 06 July 2022, 23:51 GMT
Thanks for the patch, unfortunately it still wasn't assigned :/