Noteworthy changes in version 2.3.8 (2022-10-13)

• gpg: Do not consider unknown public keys as non-compliant while decrypting. [T6205]
• gpg: Avoid to emit a compliance mode line if Libgcrypt is non-compliant. [T6221]
• gpg: Improve --edit-key setpref command to ease c+p. [rG1908fa8b83]
• gpg: Emit an ERROR status if --quick-set-primary-uid fails and allow to pass the user ID by hash. [T6126]
• gpg: Actually show symmetric+pubkey encrypted data as de-vs compliant. Add extra compliance checks for symkey_enc packets. [T6119]
• gpg: In de-vs mode use SHA-256 instead of SHA-1 as implicit preference. [T6043]
• gpgsm: Fix reporting of bad passphrase error during PKCS#11 import. [T5713,T6037]
• agent: Fix a regression in "READKEY --format=ssh". [T6012]
• agent: New option --need-attr for KEYINFO. [rG989eae648c]
• agent: New attribute "Remote-list" for use by KEYINFO. [r1383aa4750]
• scd: Fix problem with Yubikey 5.4 firmware. [T6070]
• dirmngr: Fix CRL Distribution Point fallback to other schemes. [rG0c8299e2b5]
• dirmngr: New LDAP server flag "areconly" (A-record-only). [rGd65a0335e5]
• dirmngr: Fix upload of multiple keys for an LDAP server specified using the colon format. [rG536b5cd663]
• dirmngr: Use LDAP schema v2 when a Base DN is specified. [T6047]
• dirmngr: Avoid caching expired certificates. [T6142]
• wkd: Fix path traversal attack in gpg-wks-server. Add the mail address to the pending request data. [rG8a63a8c825,T6098]
• wkd: New command --mirror for gpg-wks-client. [T6224]
• gpg-auth: New tool for authentication. [T5862]
• New common.conf option no-autostart. [rG203dcc19eb]
• Silence warnings from AllowSetForegroundWindow unless GNUPG_EXEC_DEBUG_FLAGS is used. [rG4ef8516a79]

(prev: T5947 next: T6303)