Post from 2025-02-12 19:25:26

@schrotthaufen That would mean there is an unrelated problem in the signing process that would deserve a separate CVE/advisory.