Maniphest T4860

Release GnuPG 2.2.20
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	• werner
	Feb 27 2020, 10:10 AM

Tags

Subscribers

Description

News for this the 2.2.20 release:

Protect the error counter against overflow to guarantee that the tools can't be tricked into returning success after an error.
gpg: Make really sure that --verify-files always returns an error.
gpg: Fix key listing --with-secret if a pattern is given. [T4061]
gpg: Fix detection of certain keys used as default-key. [T4810]
gpg: Fix default-key selection when a card is available. [T4850]
gpg: Fix key expiration and key usage for keys created with a creation date of zero. [T4670]
gpgsm: Fix import of some CR,LF terminated certificates. [T4847]
gpg: New options --include-key-block and --auto-key-import to allow encrypted replies after an initial signed message. [T4856]
gpg: Allow the use of a fingerprint with --trusted-key. [T4855]
gpg: New property "fpr" for use by --export-filter.
scdaemon: Disable the pinpad if a KDF DO is used. [T4832]
dirmngr: Improve finding OCSP certificates. [T4536]
Avoid build problems with LTO or gcc-10. [T4831]

Details

External Link: https://lists.gnupg.org/pipermail/gnupg-announce/2020q1/000444.html

Related Objects

Mentioned In: T4897: Release GnuPG 2.2.21
Mentioned Here: T4886: gpg-wks-server fails on openbsd, because sendmail is in /usr/sbin, not /usr/lib
T4061: gnupg: --with-colons --with-secret returns wrong results if specific keys are queried
T4536: dirmngr fails to find OCSP signer certificate when responder is identified with key ID
T4670: Key expiration time ignored for zero creation date keys
T4810: A key with only "C" capability cannot be selected as default key.
T4831: gnupg-2.2.19 fails to build on latest Fedora Rawhide
T4832: card: when KDF is enabled, use of pinpad input should be disabled
T4847: "gpgsm: invalid radix64 character 2d skipped" when trying to import a PEM file with DOS line endings (CR+LF)
T4850: GnuPG fails to find default key to sign when using a smart card, but recovers once card is removed
T4855: The trusted-key option requires a long key ID and won't take a fingerprint
T4856: GPG: Key Exchange Put public OpenPGP key into signature

Event Timeline

• werner created this task.Feb 27 2020, 10:10 AM

• werner moved this task from Backlog to For next release on the gnupg (gpg22) board.Mar 18 2020, 3:48 PM

• werner updated the task description. (Show Details)Mar 20 2020, 5:56 PM

• werner set External Link to https://lists.gnupg.org/pipermail/gnupg-announce/2020q1/000444.html.

• werner closed this task as Resolved.Mar 20 2020, 5:59 PM

If you run into build problems on OpenBSD for gpg-wks-server, see T4886 for a required minor fix.

• werner mentioned this in T4897: Release GnuPG 2.2.21.Jan 11 2021, 6:54 PM