Release GnuPG 2.2.21
Closed, ResolvedPublic

Description

  • gpg: Improve symmetric decryption speed by about 25%. See commit rG144b95cc9d.
  • gpg: Support decryption of AEAD encrypted data packets.
  • gpg: Add option --no-include-key-block. [T4856]
  • gpg: Allow for extra padding in ECDH. [T4908]
  • gpg: Only a single pinentry is shown for symmetric encryption if the pinentry supports this. [T4971]
  • gpg: Print a note if no keys are given to --delete-key. [T4959]
  • gpg,gpgsm: The ridiculous passphrase quality bar is not anymore shown. [T2103]
  • gpgsm: Certificates without a CRL distribution point are now considered valid without looking up a CRL. The new option --enable-issuer-based-crl-check can be used to revert to the former behaviour.
  • gpgsm: Support rsaPSS signature verification. [T4538]
  • gpgsm: Unless CRL checking is disabled lookup a missing issuer certificate using the certificate's authorityInfoAccess. [T4898]
  • gpgsm: Print the certificate's serial number also in decimal notation.
  • gpgsm: Fix possible NULL-deref in messages of --gen-key. [T4895]
  • scd: Support the CardOS 5 based D-Trust Card 3.1.
  • dirmngr: Allow http URLs with "LOOKUP --url".
  • wkd: Take name of sendmail from configure. Fixes an OpenBSD specific bug. [T4886]
werner created this task.Mar 30 2020, 5:40 PM
werner renamed this task from Release GnUPG 2.2.21 to Release GnuPG 2.2.21.
werner closed this task as Resolved.Jul 9 2020, 1:13 PM
werner updated the task description. (Show Details)
werner set External Link to https://lists.gnupg.org/pipermail/gnupg-announce/2020q3/000446.html.

It turns out that a test case in GPGME fails with that version. This is due to a regression I introduced in the passphrase repetition code for symmetric encryption. This will be fixed with the next GnuPG version; in the meantime you may use the patch F1646254.