Package: gnupg Version: 2.1.15-2 Severity: grave A simple verification of a inlined signed file leaves the agent running. This makes it impossible to clean up the system properly. This is for example used by cdebootstrap.
As it is inline signed, it is not possible to use gpgv, which can't decode messages. Bastian -- System Information: Debian Release: stretch/sid APT prefers testing APT policy: (990, 'testing'), (500, 'stable-updates'), (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.6.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages gnupg2 depends on: ii dpkg 1.18.9 ii gnupg-agent 2.1.11-7 ii install-info 6.1.0.dfsg.1-8 ii libassuan0 2.4.3-1 ii libbz2-1.0 1.0.6-8 ii libc6 2.23-2 ii libgcrypt20 1.7.2-2 ii libgpg-error0 1.24-1 ii libksba8 1.3.4-3 ii libreadline6 6.3-8+b4 ii libsqlite3-0 3.13.0-1 ii zlib1g 1:1.2.8.dfsg-2+b1 Versions of packages gnupg2 recommends: pn dirmngr <none> Versions of packages gnupg2 suggests: pn gnupg-doc <none> pn parcimonie <none> pn xloadimage <none> -- no debconf information
