Page MenuHome GnuPG

Release GnuPG 2.2.42
Closed, ResolvedPublic


Noteworthy changes in version 2.2.42 (2023-11-28)

  • gpg: Set default expiration date to 3 years. [T2701]
  • gpg: Support OCB encryption. [T6263]
  • gpg: New command --quick-update-pref. [rGf16c946be7]
  • gpg: New list-options show-pref and show-pref-verbose. [rGb6ba7054a0]
  • gpg: Add modes 16 and 30 to --gen-random.
  • gpg: Emit status line and proper diagnostics for write errors. [T6528]
  • gpg: Make progress work for large files on Windows. [T6534]
  • gpg: New option --no-compress as alias for -z0.
  • gpg: Detect already compressed data also when using a pipe. Also detect JPEG and PNG file formats. [T6332]
  • gpg: New option --add-desig-revoker. [rG6c9db01101]
  • gpg: Fix subkey re-import if a stub key still exists. [T3456]
  • gpg: Allow to specify seconds since Epoch beyond 2038 on 32-bit platforms. [T6736]
  • gpg: Fix the "keytocard" command for moving ECC keys with non-standard ECDH parameters to OpenPGP cards. [rG92af3f88a9]
  • gpgsm: Support ECC certificates. [T6253, T6802]
  • gpgsm: Print PROGRESS status lines. Add new --input-size-hint. [T6534]
  • gpgsm: Also announce AES256-CBC in signatures. [rGaa397fdcdb21]
  • gpgsm: Major rewrite of the PKCS#12 parser. [T6536]
  • gpgsm: Non-armored detached signature are now created without using indefinite form length octets. This improves compatibility with some PDF signature verification software. [rG3d3b941ce9]
  • gpgsm: Verification of detached signatures does now strip trailing zeroes from the input if --assume-binary is used. [rG6bdf11f671]
  • gpgsm: No not show the pkcs#12 passphrase in debug output. [T6654]
  • agent: Update the key stubs only if really modified. [T6829]
  • dirmngr: New option --ignore-crl-extensions. [T6545]
  • dirmngr: Backport of the AD_QUERY command. [rG2a3bad5985]
  • dirmngr: Support config value "none" to disable the default keyserver. [T6708]
  • dirmngr: Implement automatic proxy detection on Windows. [T5768]
  • dirmngr: Fix handling of the HTTP Content-Length. [rG9f1c11cd3f]
  • dirmngr: Add code to support proxy authentication using the Negotiation method on Windows. [T6719]
  • wkd: Use export-clean for gpg-wks-client's --mirror and --create commands. [rG505e770b4c]
  • wkd: Make --add-revocs the default in gpg-wks-client. New option --no-add-revocs. [rG67d57fae3f]
  • Fix garbled time output in non-English Windows. [T6741]
  • Ignore attempts to remove the /dev/null device. [T6556]
  • Improve advisory file lock retry strategy. [rG45a1ab5017]

(prev: T6280 next: T6849

Related Objects

Mentioned In
T6849: Release GnuPG 2.2.43
Mentioned Here
rGaa397fdcdb21: gpgsm: Also announce AES256-CBC in signatures.
rGb6ba7054a04a: gpg: New list-options show-pref and show-pref-verbose.
rGf16c946be7ea: gpg: New option --quick-update-pref.
rG505e770b4c53: wks: Use export-clean for --mirror and --create.
rG67d57fae3f75: wks: Make --add-revocs the default.
rG2a3bad598548: dirmngr: New command AD_QUERY.
rG6bdf11f67150: gpgsm: Strip trailing zeroes from detached signatures.
rG3d3b941ce9fd: gpgsm: Create binary detached sigs with definite form length octets.
rG6c9db0110121: gpg: New option --add-desig-revoker
rG9f1c11cd3f45: dirmngr: Fix handling of the HTTP Content-Length
rG45a1ab501787: common: Improve lock strategy for dotlock.
rG92af3f88a9df: gpg: Pass ECDH parameters to OpenPGP smartcards
T2701: Do not let users create keys without an expiration date
T3456: GPG does not import secret subkeys from --export-secret-subkeys output if subkey stubs existed before
T5768: Dirmngr: Use windows proxy settings if system proxy settings should be used
T6253: GpgSM: Backport ECC support to 2.2
T6263: Allow OCB encryption in 2.2
T6332: GPG: Extend / rework "is_file_compressed"
T6528: gpg: No error status when encrypting to full disk
T6534: gpg's progress_filter needs to use uint64_t
T6536: Extend P12 parser for ShroudedKeyBag inside a CertBag
T6545: Support CRL extension issuingDistributionPoint
T6556: gpgtar: Removes existing output file on error
T6654: gpgsm: p12 passphrase visible in debug output
T6708: Allow to inhibit the use of a default PGP keyserver
T6719: Support Proxy-Authorization: Negotiate on Windows
T6736: Year 2038 issue for key validity date
T6741: gpg 2.3+ may display garbled characters for date and time in non-English Windows
T6802: Trying to sign with a brainpool X509 key results in non-compliance error
T6829: Kleopatra: Loop reading keys from smartcard
T6849: Release GnuPG 2.2.43
T6280: Release GnuPG 2.2.41

Event Timeline

werner created this task.
werner created this object with edit policy "Administrators".
werner moved this task from Backlog to WiP on the gnupg22 board.
werner updated the task description. (Show Details)
werner moved this task from WiP to gnupg-2.2.42 on the gnupg22 board.
werner edited projects, added gnupg22 (gnupg-2.2.42); removed gnupg22.