Issued at: 2026-01-20
Updated at: 2026-01-21
Synopsis
Important: gnupg2 security update
Description
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected products
Rocky Linux 9 aarch64
Rocky Linux 9 ppc64le
Rocky Linux 9 s390x
Rocky Linux 9 x86_64
Fixes
2425966
CVEs
CVE-2025-68973
Affected packages
Rocky Linux 9 ppc64le - AppStream
gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le.rpm
gnupg2-smime-0:2.3.3-5.el9_7.ppc64le.rpm
Rocky Linux 9 aarch64 - BaseOS
gnupg2-0:2.3.3-5.el9_7.aarch64.rpm
gnupg2-0:2.3.3-5.el9_7.src.rpm
gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64.rpm
gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64.rpm
Rocky Linux 9 ppc64le - BaseOS
gnupg2-0:2.3.3-5.el9_7.ppc64le.rpm
gnupg2-0:2.3.3-5.el9_7.src.rpm
gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le.rpm
gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le.rpm
Rocky Linux 9 s390x - BaseOS
gnupg2-0:2.3.3-5.el9_7.s390x.rpm
gnupg2-0:2.3.3-5.el9_7.src.rpm
gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x.rpm
gnupg2-debugsource-0:2.3.3-5.el9_7.s390x.rpm
Rocky Linux 9 x86_64 - BaseOS
gnupg2-0:2.3.3-5.el9_7.src.rpm
gnupg2-0:2.3.3-5.el9_7.x86_64.rpm
gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64.rpm
gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64.rpm
Rocky Linux 9 aarch64 - AppStream
gnupg2-smime-0:2.3.3-5.el9_7.aarch64.rpm
gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64.rpm
Rocky Linux 9 s390x - AppStream
gnupg2-smime-0:2.3.3-5.el9_7.s390x.rpm
gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x.rpm
Rocky Linux 9 x86_64 - AppStream
gnupg2-smime-0:2.3.3-5.el9_7.x86_64.rpm
gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64.rpm