There's a merged pull request on the void-packages repository gnupg: adopt, update to 2.3.7. https://github.com/void-linux/void-packages/pull/38021 Description: ## Test/Stable/LTS/Legacy?! GnuPG has a few different development branches, and they do change their mind sometimes about what those are. They used to say this: > We are pleased to announce the availability of a new GnuPG release: > version 2.3.0. This release marks the start of public testing releases > eventually leading to a new stable version 2.4. Source: https://lists.gnupg.org/pipermail/gnupg-announce/2021q2/000458.html But with 2.3.3, they changed their mind: > Three different series of GnuPG are actively maintained: > > - Version 2.3 is the current stable version with a lot of new features > compared to 2.2. This announcement is about the latest release of > this series. > > - Version 2.2 is our LTS (long term support) version and guaranteed to > be maintained at least until the end of 2024. > See https://gnupg.org/download/index.html#end-of-life > > - Version 1.4 is only maintained to allow decryption of very old data > which is, for security reasons, not anymore possible with other GnuPG > versions. Source: https://lists.gnupg.org/pipermail/gnupg-announce/2021q4/000466.html I'd say packaging stable instead of LTS is fine, and if someone really needs LTS then we should have a separate LTS package instead. #### Testing the changes - I tested the changes in this PR: **briefly** So, considering this is a bit of a bigger change I selected `briefly` here, but I did do quite a bit of testing on my machine, and I've not noticed any breakage yet. Encryption/decryption still works, I can still authenticate to servers via ssh, with the key residing on a yubikey being accessed through gnupg-agent, everything good.