Where do I get an update for gpg2 (GnuPG) for CentOS 6.10 that is compliant with CVE-2018-12020? I'm trying to update gpg2 (GnuPG GNU Privacy Guard) on my fully updated CentOS 6.10 computer to comply with CVE-2018-12020. My system has gpg2 package gnupg2-2.0.14-8.el6.x86_64.rpm This package does not appear to be compliant with CVE-2018-12020. I can not find and update anywhere. I have tried downloading the upstream version 2.2.8 from GnuPG.org but am having trouble building it for CentOS 6.10 primarily due to a requirement for a newer version of glibc. I'm getting the error undefined reference to 'clock_gettime' and have not been able to resolve it
Any suggestions on where to download the update or when an update might be available or how to build gpg2 version 2.2.8 for CentOS 6 is appreciated. Thanks,Ed