diff -Nru hplip-3.21.6+dfsg0/debian/changelog hplip-3.21.6+dfsg0/debian/changelog
--- hplip-3.21.6+dfsg0/debian/changelog	2021-08-18 13:02:18.000000000 -0500
+++ hplip-3.21.6+dfsg0/debian/changelog	2021-10-29 13:54:16.000000000 -0500
@@ -1,3 +1,9 @@
+hplip (3.21.6+dfsg0-0ubuntu2.21.10.1) impish; urgency=medium
+
+  * Restrict permissions on .hplip/.gnupg directory (LP: #1938442)
+
+ -- William 'jawn-smith' Wilson <william.wilson@canonical.com>  Fri, 29 Oct 2021 13:54:16 -0500
+
 hplip (3.21.6+dfsg0-0ubuntu1) impish; urgency=medium
 
   * New 3.21.6 upstream version
diff -Nru hplip-3.21.6+dfsg0/debian/patches/0082-fix-permissions-on-gnupg-dir.patch hplip-3.21.6+dfsg0/debian/patches/0082-fix-permissions-on-gnupg-dir.patch
--- hplip-3.21.6+dfsg0/debian/patches/0082-fix-permissions-on-gnupg-dir.patch	1969-12-31 18:00:00.000000000 -0600
+++ hplip-3.21.6+dfsg0/debian/patches/0082-fix-permissions-on-gnupg-dir.patch	2021-10-29 13:54:16.000000000 -0500
@@ -0,0 +1,21 @@
+Description: Change .gnupg directory permissions to 700
+ The .hplip/.gnupg directory has permissions of 755. While
+ only public keys are stored in this directory, it can still
+ be seen as a privacy issue that the keys are readable by
+ any user. Changing the permissions to 700 fixes this issue
+Author: zdohnal <zdohnal@redhat.com>
+Bug: https://bugs.launchpad.net/ubuntu/+source/hplip/+bug/1938442
+Last-Update: 2021-10-29
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/base/validation.py
++++ b/base/validation.py
+@@ -53,7 +53,7 @@
+ 
+         if not os.path.exists(self.__gpg_dir):
+             try:
+-                os.mkdir(self.__gpg_dir, 0o755)
++                os.mkdir(self.__gpg_dir, 0o700)
+             except OSError:
+                 log.error("Failed to create %s" % self.__gpg_dir)
+         self.__change_owner()
diff -Nru hplip-3.21.6+dfsg0/debian/patches/series hplip-3.21.6+dfsg0/debian/patches/series
--- hplip-3.21.6+dfsg0/debian/patches/series	2021-05-16 08:18:30.000000000 -0500
+++ hplip-3.21.6+dfsg0/debian/patches/series	2021-10-29 13:54:16.000000000 -0500
@@ -79,3 +79,4 @@
 0079-Workaround-Add-32-bytes-to-allocation-Halftoner.patch
 0080-Workaround-Add-32-bytes-to-allocation-Compressor.patch
 0081-Don-t-start-hp-systray-in-GNOME.patch
+0082-fix-permissions-on-gnupg-dir.patch