Last week:

• libgcrypt: T4011: CVE-2018-0495
  • MITRE assigned CVE for each implementation
  • While OpenSSL doesn't ask assignment, some media refer OpenSSL for CVE-2018-0495 (instead of libgcrypt)
• In gniibe/decryption-key branch:
  • uniquely enumerate secret key
  • lookup for card keys
• dirmngr bugs fixed in master (all can be applied to stable 2.2)
  • recursive resolver never work in the past: rG5b40338f1276: dirmngr: Fix recursive resolver mode.
  • sync to upstream for ! in nsswitch.conf: rG3e6ad302eaf3: libdns: Sync to upstream.
  • T3374: gpg recv-keys fail if first dns server end up with "Connection refused": rGbcdbf8b8ebe9: libdns: Fix connect and try next nameserver when ECONNREFUSED.
  • T3803: dirmngr issues malformed DNS queries: rGa4a054bf14fa: libdns: Fix for non-FQDN hostname.

This week:

• Test gniibe/decryption-key branch

Discussion:

• After 1.4.23 released, it's good to have a look at: T3443: Install gpg 1.4 as gpg1

Last week was pretty unproductive with sickness.

• Added very restrictive handling of unsigned S/MIME Mails ( T3986 )
• Released Gpg4win-3.1.2

This week:

• Some finishing up in other projects.
• Help with installation of gpgme-json stuff so that it can be used from a browser.
• Start on features for a Gpg4win-3.2.0 -> Sort the work and plan issues.