pkg:Debian/gitsign

所有已知漏洞

• MEDIUM5.4CVE-2026-44310gitsign --verify panics on empty-certificate PKCS7 and exits 0, bypassing exit-code callers
  from 0
• MEDIUM5.3CVE-2026-44309gitsign verify accepts signatures over go-git-normalized bytes, enabling trust confusion on malformed commits
  from 0