#+Latex: \enlargethispage{2cm}
** Integer Overflow in LibKSBA / GnuPG
A severe bug has been found in [[https://gnupg.org/software/libksba/][Libksba]] , the library used by GnuPG for
parsing the ASN.1 structures as used by S/MIME. The bug affects all
versions of [[https://gnupg.org/software/libksba/][Libksba]] before 1.6.3 and may be used for remote code
execution. *Updating this library is thus important*.
*** Who is affected
The major user of [[https://gnupg.org/software/libksba/][Libksba]] is /gpgsm/, the S/MIME cousin of /gpg/.
There it is used to parse all kind of input data, in particular signed
or encrypted data in files or in mails. Feeding a user with malicious
data can thus be easily achieved.
A second user of [[https://gnupg.org/software/libksba/][Libksba]] is /dirmngr/, which is responsible for loading
and parsing Certificate Revocation Lists (CRLs) and for verifying
certificates used by TLS (i.e. https connections). Mounting an attack
is a bit more complex but can anyway be easily done using a rogue web
server to serve a Web Key Directory, certificates, or CRLs.
An exploit is not yet publicly known but very straightforward to create
for experienced crooks.
Affected to our knowledge are:
- Most software using /Libksba/ versions up to 1.6.2
- All /Gpg4win/ versions from version 2.0.0 up to 4.0.4
- All /GnuPG VS-Desktop^{\reg}/ versions from 3.1.16 up to 3.1.25
- All /GnuPG installers for Windows/ from version 2.3.0 up to 2.3.8
- All /GnuPG LTS installers for Windows/ from version 2.1.0 up to 2.2.40
*** How to fix
If you are on a Unix or Linux system you should get the latest version
of Libksba (1.6.3 or newer), build the software and install the new
shared library. Restart any background processes (e.g. =gpgconf
--kill all= for GnuPG). In the rare case that Libksba is statically
linked remember to rebuild those binaries.
If your are on Windows or if you use an AppImage of GnuPG VS-Desktop
update to the latest version:
- Gpgwin version 4.1.0 or newer
- GnuPG VS-Desktop version 3.1.26 or newer (MSI or AppImage)
- GnuPG installer for Windows version 2.4.0
- GnuPG LTS installer for Windows version 2.2.41
In case you are not yet ready to deploy a new version, please extract
=libksba-8.dll= from the respective package and replace the
original one by this one. This is sufficient to fix the security
issue.
*** How to check whether GnuPG has been fixed
GnuPG is the most prominent user of Libksba and it is not immediately
visible whether a fixed version of Libksba is used. To check this run:
: gpgconf --show-versions
and watch out for a line like
: * KSBA 1.6.3 (xxxxx)
If you see a version number of 1.6.3 or newer, you got the fix.
*** CVE
- GnuPG-bug-id :: 6230 (https://dev.gnupg.org/T6230)
-- CVE :: CVE-2022-3515
+- CVE :: CVE-2022-3515
- CVSS :: 8.1: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
- Other-IDs :: ZDI-CAN-18927, ZDI-CAN-18928, ZDI-CAN-18927
CVSS taken from the Trend Micro Zero Day Initiative report.
+For the second vulnerability:
+
+- GnuPG-bug-id :: 6284 (https://dev.gnupg.org/T6284)
+- CVE :: CVE-2022-47629
** Technical background
The task of Libksba is to parse and build ASN.1 objects as used by
S/MIME, X.509, and CMS. The used encoding (BER, DER) is based on
tag-length-value objects. The function /_ksba_ber_read_tl/ parses
such data and returns the tag and associated information in this
structure:
#+begin_src C
struct tag_info {
enum tag_class class;
int is_constructed;
unsigned long tag;
unsigned long length; /* Length part of the TLV */
int ndef; /* It is an indefinite length */
size_t nhdr; /* Number of bytes in the TL */
unsigned char buf[10]; /* Buffer for the TL */
const char *err_string;
int non_der;
};
#+end_src
At several places we need to copy the objects to a local buffer. For
example we copy OIDs to a statically encoded buffer for further
processing:
#+begin_src C
struct tag_info ti;
unsigned char tmpbuf[500]; /* for OID or algorithmIdentifier */
[...]
if (ti.nhdr + ti.length >= DIM(tmpbuf))
return gpg_error (GPG_ERR_TOO_LARGE);
memcpy (tmpbuf, ti.buf, ti.nhdr);
err = read_buffer (crl->reader, tmpbuf+ti.nhdr, ti.length);
#+end_src
It is obvious that the sum of the header length (although less than 10
bytes) and the announced length of the value can easily wrap around
and pass the check. The result is then an overflow of /tmpbuf/ with
all the usual consequences. The code has been there for ages and it
seems that the audits missed this because, well, there is some
overflow check and a too brief check may have only noticed that the
memcpy if fine.
#+LaTeX: \newpage
The fix for this is easy because we can check for an overflow right
away in the parser. Thus /_ksba_ber_read_tl/ finally does this
extra check:
#+begin_src C
if (ti->length > ti->nhdr && (ti->nhdr + ti->length) < ti->length)
{
ti->err_string = "header+length would overflow";
return gpg_error (GPG_ERR_EOVERFLOW);
}
#+end_src
*** Thanks
This vulnerability was discovered by:\\
Anonymous working with Trend Micro Zero Day Initiative\\
The second vulnerability was discovered by:\\
Joseph Surin of elttam
The report was received on 2022-10-04, fix pushed 2022-10-05, new
source code release 2002-10-07, binary releases and announcement on
2022-10-17. Report on the second problem was received on 2022-11-22,
and fixed on the next day. We agreed with the reported to delay
publication for up to 5 weeks to catch any other reports and to give
us time for a coordinated release of all affected software. The fix
was published to customers on 2022-12-16, general publication on
2022-12-20.
*** Update on 2022-12-19
It turned out that a related bug exists in the code to parse CRL
signatures which was not fixed by Libksba 1.6.2. This update has
changed the affected version numbers and the timeline.
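Review bot: The block added at `+For the second vulnerability:` records only the bug id and the CVE (`+- CVE :: CVE-2022-47629`), whereas the first entry also carries a CVSS vector and Other-IDs; if the elttam report came with a score, add a matching `- CVSS ::` line so the two entries read the same, and note that the removed and re-added `- CVE :: CVE-2022-3515` lines are identical as displayed, so the change there is invisible to a reader (presumably whitespace) and could be dropped from the commit. Since this file is being touched anyway, the surrounding context has errors worth fixing in the same commit: the timeline's source release date reads 2002-10-07 where 2022-10-07 is meant, "We agreed with the reported" should be "reporter", the Windows fix list says "Gpgwin" for Gpg4win, "the memcpy if fine" should be "is fine", and the Other-IDs line lists ZDI-CAN-18927 twice, so one of the three identifiers is most likely wrong and should be checked against the ZDI report.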
diff --git a/web/index.org b/web/index.org
index f05dc2d..8edba8f 100644
--- a/web/index.org
+++ b/web/index.org
@@ -1,160 +1,159 @@
#+TITLE: The GNU Privacy Guard
#+STARTUP: showall
#+SETUPFILE: "share/setup.inc"
#+GPGWEB-NEED-SWDB
#+HTML_HEAD_EXTRA:
#+HTML_HEAD_EXTRA:
#+HTML_HEAD_EXTRA:
* The GNU Privacy Guard
#+index: GnuPG
#+index: GPG
#+index: PGP
#+index: Gpg4win
GnuPG is a complete and free implementation of the OpenPGP standard as
defined by [[https://www.ietf.org/rfc/rfc4880.txt][RFC4880]] (also known as /PGP/). GnuPG allows you to encrypt and
sign your data and communications; it features a versatile key management
system, along with access modules for all kinds of public key
directories. GnuPG, also known as /GPG/, is a command line tool with
features for easy integration with other applications. A wealth of
[[file:software/frontends.html][frontend applications]] and [[file:software/libraries.html][libraries]] are available. GnuPG also
provides support for S/MIME and Secure Shell (ssh).
Since its introduction in 1997, GnuPG is [[https://www.gnu.org/philosophy/free-sw.html][Free Software]] (meaning that
it respects your freedom). It can be freely used, modified and
distributed under the terms of the [[https://www.gnu.org/copyleft/gpl.html][GNU General Public License]] .
The current version of GnuPG is {{{gnupg24_ver}}}. See the [[file:download/index.org][download]]
page for other maintained versions.
[[https://www.gpg4win.org][Gpg4win]] is a Windows version of GnuPG featuring a context menu tool, a
crypto manager, and an Outlook plugin to send and receive standard
PGP/MIME mails. The current version of Gpg4win is {{{gpg4win_ver}}}.
**
:html:virtual:
* Reconquer your privacy
:PROPERTIES:
:HTML_CONTAINER_CLASS: pure-u-1 pure-u-md-1-2
:END:
#+begin_quote
Arguing that you don't care about the right to privacy
because you have nothing to hide is no different from
saying you don't care about free speech because you have
nothing to say. \ndash\nbsp{}Edward\nbsp{}Snowden
#+end_quote
Using encryption helps to protect your privacy and the privacy of the
people you communicate with. Encryption makes life difficult for bulk
surveillance systems. GnuPG is one of the tools that Snowden used to
uncover the secrets of the NSA.
Please visit the [[https://emailselfdefense.fsf.org][Email Self-Defense]] site to learn how and why you
should use GnuPG for your electronic communication.
* News
:PROPERTIES:
:HTML_CONTAINER_CLASS: pure-u-1 pure-u-md-1-2
:END:
#+index: News
The latest blog entries:
#+begin_html
#+end_html
The latest release news:\\
([[file:news.org][all news]])
# For those of you who like reading world’s news with an RSS reader,
# GnuPG's latest news are available as [[http://feedvalidator.org/check.cgi?url%3Dhttps://www.gnupg.org/news.en.rss][RSS 2.0 compliant]] feed. Just
# point or paste the [[news.en.rss][RSS file]] into your aggregator.
** 25 Years of GnuPG (2017-12-20)
Exactly 25 years ago the very first release of GnuPG was published.
We are pleased to take this opportunity to announce the availability
of GnuPG version 2.4.0.
This release has a few new features and the binary releases come with
an updated Libksba to fix another vulnerability related to
CVE-2022-3515. {[[https://lists.gnupg.org/pipermail/gnupg-announce/2022q4/000477.html][more]]}
** Libksba security advisory update (2022-12-20) :important:
Another bug has been found in [[https://gnupg.org/software/libksba/][Libksba]] which affects all versions of
-libksba before 1.6.3. Our [[https://gnupg.org/blog/20221017-pepe-left-the-ksba.html][security advisory]] for {{{CVE(2022-3512)}}}
-has been updated accordingly. Windows users should update
-to [[https://files.gpg4win.org/gpg4win-4.1.0.exe][Gpg4win 4.1.0]] or to GnuPG\nbsp{}VS-Desktop 3.1.26.
-
+libksba before 1.6.3 ({{{CVE(2022-47629)}}}). Our [[https://gnupg.org/blog/20221017-pepe-left-the-ksba.html][security advisory]]
+for {{{CVE(2022-3512)}}} has been updated accordingly. Windows users
+should update to [[https://files.gpg4win.org/gpg4win-4.1.0.exe][Gpg4win 4.1.0]] or to GnuPG\nbsp{}VS-Desktop 3.1.26.
** GnuPG / Libksba security advisory (2022-10-17) :important:
A severe bug has been found in [[https://gnupg.org/software/libksba/][Libksba]], the library used by GnuPG for
parsing the ASN.1 structures as used by S/MIME. The bug affects all
versions of Libksba before 1.6.2 and may be used for remote code
execution. *Updating this library is thus important*.
Please see our [[https://gnupg.org/blog/20221017-pepe-left-the-ksba.html][security advisory]] for {{{CVE(2022-3512)}}}. For
download links please see the [[file:download/index.org][download]] page. Windows users should
update to [[https://files.gpg4win.org/gpg4win-4.0.4.exe][Gpg4win 4.0.4]] or to GnuPG\nbsp{}VS-Desktop 3.1.25.
** GnuPG 2.3.8 released (2022-10-13)
We are pleased to announce the availability of a new stable GnuPG
release: version 2.3.8. This release comes with a lot of new features
and the binary releases come with the fix for the Libksba
vulnerability {{{CVE(2022-3515)}}}. {[[https://lists.gnupg.org/pipermail/gnupg-announce/2022q4/000476.html][more]]}
** GnuPG 2.3.7 released (2022-07-11)
We are pleased to announce the availability of a new stable GnuPG
release: version 2.3.7. This release fixes {{{CVE(2022-34903)}}} which could
be used to inject wrong status information in signatures. The status
information could then be abused to display a wrong validity in
Kleopatra and other users of GPGME. {[[https://lists.gnupg.org/pipermail/gnupg-announce/2022q3/000474.html][more]]}
** GnuPG 2.3.6 released (2022-04-25)
We are pleased to announce the availability of a new stable GnuPG
release: version 2.3.6. This release fixes a regression introduced in
2.3.5 released just a few days ago. {[[https://lists.gnupg.org/pipermail/gnupg-announce/2022q2/000473.html][more]]}
** GnuPG 2.3.5 released (2022-04-21)
We are pleased to announce the availability of a new *stable GnuPG*
release: version 2.3.5. This is another release in the stable 2.3
series which introduces new options, improves the performance, and
fixes some bugs. {[[https://lists.gnupg.org/pipermail/gnupg-announce/2022q2/000472.html][more]]}
** Libgcrypt 1.10 is the new stable branch (2022-03-28)
Although we will keep on maintaining the 1.8 branch, the new stable
branch is now 1.10. Version 1.10.1 comes with a lot of performance
improvements and a few other new features. It provides full API and
ABI compatibility to previous versions. {[[https://lists.gnupg.org/pipermail/gnupg-announce/2022q1/000471.html][more]]}
**
:html:virtual:
* COMMENT
This is the publishing info used for the GnuPG pages
#+begin_src emacs-lisp
(progn
(setq gpgweb-root-dir (file-name-directory (buffer-file-name)))
(setq gpgweb-stage-dir (concat gpgweb-root-dir "../stage"))
(require 'gpgweb (concat gpgweb-root-dir "share/gpgweb.el"))
(setq org-publish-use-timestamps-flag nil)
(setq org-export-html-toplevel-hlevel 1)
(setq org-export-html-coding-system 'utf-8)
(gpgweb-setup-project))
#+end_src
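Review bot: The rewritten news entry still points the advisory link at CVE-2022-3512 (`+for {{{CVE(2022-3512)}}} has been updated accordingly. Windows users`), but the advisory text and the other entries on this page identify the first Libksba bug as CVE-2022-3515 (`vulnerability {{{CVE(2022-3515)}}}` in the 2.3.8 entry, and the same number in the 2.4.0 entry), so 3512 looks like a typo inherited from the removed line and from the 2022-10-17 entry below; change both occurrences to `{{{CVE(2022-3515)}}}` in this commit rather than leaving one in an added line. The heading `** 25 Years of GnuPG (2017-12-20)` is also dated wrong: the entry announces GnuPG 2.4.0, the page itself says GnuPG was introduced in 1997, and the advisory update directly beneath it is dated 2022-12-20, so the heading should read 2022-12-20. The hunk header's line counts (4 removed, 3 added) match the visible change.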