gpg: Prepare against chosen-prefix SHA-1 collisions in key
signatures. This change removes all SHA-1 based key signature
newer than 2019-01-19 from the web-of-trust. Note that this
includes all key signature created with dsa1024 keys. The new
option --allow-weak-key-signatues can be used to override the new
and safer behaviour. [#4755,CVE-2019-14855]
This update has been submitted for testing by tmraz.
This update's test gating status has been changed to 'waiting'.
This update's test gating status has been changed to 'ignored'.
This update has been pushed to testing.
Works
fyi, GnuPG 2.2.18 fixes CVE-2019-14855
references
Working fine for me.
This update has been submitted for stable by bodhi.
This update has been pushed to stable.