Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 515
Alerts This Week
Warning Icon 1 515

Ubuntu 22.04 LTS USN-7412-2 important: gnupg regression issue

ubuntu
Calendar Grey July 9, 2025
Scroller Ubuntu
Recent vulnerability discovered in GnuPG across various Ubuntu versions, posing a risk to system security. Apply the latest patches to resolve complications caused by earlier updates.
USN-7412-1 introduced a regression in GnuPG.

Summary

USN-7412-1 introduced a regression in GnuPG.

Software Description:

- gnupg2: GNU privacy guard - a free PGP replacement

Details:

USN-7412-1 fixed vulnerabilities in GnuPG. The update introduced a

regression. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

 It was discovered that GnuPG incorrectly handled importing keys with

 certain crafted subkey data. If a user or automated system were tricked

 into importing a specially crafted key, a remote attacker may prevent

 users from importing other keys in the future.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
   gnupg                           2.4.4-2ubuntu23.1
   gnupg2                          2.4.4-2ubuntu23.1
   gpg                             2.4.4-2ubuntu23.1

Ubuntu 24.10
   gnupg                           2.4.4-2ubuntu18.3
   gnupg2                          2.4.4-2ubuntu18.3
   gpg                             2.4.4-2ubuntu18.3

Ubuntu 24.04 LTS
   gnupg                           2.4.4-2ubuntu17.3
   gnupg2                          2.4.4-2ubuntu17.3
   gpg                             2.4.4-2ubuntu17.3

Ubuntu 22.04 LTS
   gnupg                           2.2.27-3ubuntu2.4
   gnupg2                          2.2.27-3ubuntu2.4
   gpg                             2.2.27-3ubuntu2.4

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7412-2

https://ubuntu.com/security/notices/USN-7412-1

https://bugs.launchpad.net/ubuntu/+source/gnupg2/+bug/2114775

Severity
important
Lowest
Low
Medium
High
Critical

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.