Page MenuHome GnuPG
Create Task
Maniphest T6303

Release GnuPG 2.4.0
Closed, ResolvedPublic
Actions

Description

Noteworthy changes in version 2.4.0 (2022-12-16)

  • gpg: New command --quick-update-pref. [rGd40d23b233]
  • gpg: New list-options show-pref and show-pref-verbose. [rG811cfa34cb]
  • gpg: New option --list-filter to restrict key listings like gpg -k --list-filter 'select=revoked-f && sub/algostr=ed25519' [rG1324dc3490]
  • gpg: New --export-filter export-revocs. [rGc985b52e71]
  • gpg: Also import stray revocation certificates. [rG7aaedfb107]
  • gpg: Add a notation to encryption subkeys in de-vs mode. [T6279]
  • gpg: Improve signature verification speed by a factor of more than four. Double detached signing speed. [T5826]
  • gpg: Allow only OCB for AEAD encryption. [rG5a2cef801d]
  • gpg: Fix trusted introducer for mbox only user-ids. [T6238]
  • gpg: Report an error via status-fd for receiving a key from the agent. [T5151]
  • gpg: Make --require-compliance work without the --status-fd option. [rG2aacd843ad]
  • gpg: Fix verification of cleartext signatures with overlong lines. [T6272]
  • agent: Fix import of protected OpenPGP v5 keys. [T6294]
  • gpgsm: Change the default cipher algorithm from AES128 to AES256. Also announce support for this in signatures. [rG2d8ac55d26]
  • gpgsm: Always use the chain validation model if the root-CA requests this. [rG7fa1d3cc82]
  • gpgsm: Print OCSP revocation date and reason in cert listings. [rGb6abaed2b5]
  • agent: Support Win32-OpenSSH emulation by gpg-agent. [T3883]
  • scd: Support the Telesec Signature Card v2.0. [T6252]
  • scd: Redact --debug cardio output of a VERIFY APDU. [T5085]
  • scd: Skip deleted pkcs#15 records in CARDOS 5. [rG061efac03f]
  • dirmngr: Fix build with no LDAP support. [T6239]
  • dirmngr: Fix verification of ECDSA signed CRLs. [rG868dabb402]
  • wkd: New option --add-revocs for gpg-wks-client. [rGc3f9f2d497]
  • wkd: Ignore expired user-ids in gpg-wks-client. [T6292]
  • card: New commands "gpg" and "gpgsm". [rG9c4691c73e]

(prev: T6106 next: tba)

Details

Version
2.4.0

Related Objects

Mentioned In
T6454: Release GnuPG 2.4.1
T6383: GnuPG 2.4.0 not working with Yubikey NEO
T6320: gnupg-2.4.0: make check fails
T6106: Release GnuPG 2.3.8
Mentioned Here
T6313: 2.4.0 does not support in-source-tree builds
rG9c4691c73e9e: card: New commands "gpg" and "gpgsm".
rG7aaedfb10767: gpg: Import stray revocation certificates.
rG5a2cef801d35: gpg: Allow only OCB for AEAD encryption.
rG811cfa34cb3e: gpg: New list-options show-pref and show-pref-verbose.
rGd40d23b233f0: gpg: New option --quick-update-pref.
rG868dabb4027a: dirmngr: Fix verification of ECDSA signed CRLs.
rG1324dc3490b0: gpg: New option --list-filter
rG2aacd843ad6b: gpg: Make --require-compliance work with out --status-fd
rGc985b52e71a8: gpg: New export-filter export-revocs
rGc3f9f2d497b1: wkd: New option --add-revocs and some fixes.
rG2d8ac55d26e7: gpgsm: Change default algo to AES-256.
rG7fa1d3cc821d: gpgsm: Always use the chain model if the root-CA requests this.
rGb6abaed2b5f6: gpgsm: Print revocation date and reason in cert listings.
rG061efac03ff9: scd:p15: Skip deleted records.
T3883: Add Win32-OpenSSH support to gpg-agent's ssh-agent
T5085: Filter APDUs in log output
T5151: GPGME++ : bad passphrase problems
T5826: Improve detached signing and verification speed
T6238: regexp for trust signature domain restriction does not work if key only has an e-mail address
T6239: gnugp 2.3.8 fails to build with --disable-ldap
T6252: Support ECC for Netkey cards also in 2.2
T6272: gpg --cleartext and truncated lines
T6279: Tag keys when created in de-vs mode
T6292: gpg-wks-client --mirror and expired keys
T6294: Import of EC448 keys fails
T6106: Release GnuPG 2.3.8