$ docker run --rm --name validator-libgcrypt-cve-2024-2236-2726 -t --mount type=bind,src=/tmp/validator-status-libgcrypt-cve-2024-2236,dst=/validator/status validator-libgcrypt-shared bash -lc 'set -euo pipefail
/validator/tests/_shared/install_override_debs.sh
exec /validator/tests/_shared/run_library_tests.sh "$@"' validator-testcase libgcrypt cve-2024-2236 -- bash -c 'PS4=$1; shift; set -x; source "$@"' validator-xtrace '__VALIDATOR_XTRACE__ ' /validator/tests/libgcrypt/tests/cases/regression/cve-2024-2236.sh
no override packages found; continuing with apt originals
good ciphertext -> err=0 (ok) result=sexp
bad  ciphertext -> err=16777371 (Encoding problem) result=(null)
OK: gcry_pk_decrypt distinguishes valid vs invalid PKCS#1 v1.5 padding — Bleichenbacher oracle still observable.