Grpye reports gpg packages are not fixed for CVE-2022-3515 security vuln in libksba
Grype reports issues with:
CVE-2022-3515 critical vulnerability for gpgsm package CVE-2022-3515 critical vulnerability for gpg-agent package CVE-2022-3515 critical vulnerability for gpg package CVE-2022-3515 critical vulnerability for gnupg-gpgconf package
It looks like this is because CVE-2022-3515 was fixed, but these packages were not rebuilt against the fixed library.
Can you take a look. Thanks.
-- rouilj