[ALSA-2026:0728] Important: gnupg2 security update
Type:
security
Severity:
important
Release date:
2026-01-16
Description:
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Security Fix(es): * GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 gnupg2-2.2.20-4.el8_10.aarch64.rpm 65b056ade4a58c2b51b7e4477b02d466919f9ba3cec44754fba6cdcada735baf
aarch64 gnupg2-smime-2.2.20-4.el8_10.aarch64.rpm a880162e6b0b9526951741c0f1a812a67959003dc94da8504fc90147436d8c91
ppc64le gnupg2-smime-2.2.20-4.el8_10.ppc64le.rpm 17aa830d14ba25a5a852f7554ca3c0c457332cdee246c4b55a67e9a5109914e0
ppc64le gnupg2-2.2.20-4.el8_10.ppc64le.rpm 5024e7d97daff2493710bda787d04276dce71aad994fe8225741c8fc9a65439a
s390x gnupg2-smime-2.2.20-4.el8_10.s390x.rpm 40370cf8557fa8c64e075165e0b3dd5072ef68b2dd6dec5fe86add5a1f0342e9
s390x gnupg2-2.2.20-4.el8_10.s390x.rpm 576020ac7382c5d311d1d8d94f927d4e895bd9b7a581a011292655f6e08ef060
x86_64 gnupg2-smime-2.2.20-4.el8_10.x86_64.rpm ab779d6b6d086f6973a5b2020e9da1e9820972caac1fff3d86a547e849ff80ae
x86_64 gnupg2-2.2.20-4.el8_10.x86_64.rpm af5092896913e3d783dbd9b93c46405fa01958177522ffdb955c6ec9578c3499
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.