Maniphest T6849

Release GnuPG 2.2.43
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	• werner
	Nov 28 2023, 4:57 PM

Tags

Subscribers

Description

Noteworthy changes in version 2.2.43 (2024-04-16)

gpg: Do not keep an unprotected smartcard backup key on disk. See https://gnupg.org/blog/20240125-smartcard-backup-key.html for a security advisory. [T6944]
gpg: Allow to create revocations even with non-compliant algos. [rG89c7eccba5]
gpg: Fix mixed invocation with --trusted-keys and --no-options. [T7025]
gpg: Make sure a DECRYPTION_OKAY is never issued for a bad OCB tag. [T7042]
gpg: Do not allow to accidently set the RENC usage. [T7072]
gpgsm: Allow PKCS#12 decryption with a longer salt value. [T6757]
agent: Allow simple KEYINFO command in restricted mode. [T7003]
agent: Consider an empty pattern file as valid. [rG509d0f76ce]
dirmngr: Avoid starting a second instance on Windows via GPGME based launching. [T6833]
dirmngr: Trust system's root CAs for checking CRL issuers. [T6963]
dirmngr: Fix the regression in 2.2.42 of use of proxy for TLS connection. [T6997]
scd: Fix corner case bug when changing to a shorter PIN with KDF enabled. [T6843]
gpgtar: Fix conveying of status lines from gpg when using stderr as status fd on Windows. [T6961]
gpgconf: Fix -X command for the new VERSION file format and change the output format. [T6918]
wkd: Make gpg-wks-client --mirror work w/o args.

(prev: T6307 next: T7087)

Related Objects

Mentioned In: T7087: Release GnuPG 2.2.44
T6307: Release GnuPG 2.2.42
Mentioned Here: T7087: Release GnuPG 2.2.44
rG89c7eccba515: gpg: Allow to create revocations even with non-compliant algos.
rG509d0f76cedd: gpg-check-pattern: Consider an empty pattern file as valid
T6757: gpgsm 2.4 Fails to import P12 certificate/key
T6833: Kleopatra: Multiple dirmngr started when searching for keys
T6843: after enable kdf-setup impossible change user/admin pin
T6918: gpgconf parsing of VERSION file broken
T6944: The default card key generation keeps an unprotected backup of the encryption key on disk
T6961: On Windows the gpgtar --status-fd 2 does not show the gpg status lines
T6963: Trust system's root CA for checking CRL issuers
T6997: gnupg-2.4.4 breaks dirmngr fetching keys via hkps:// from behind a proxy
T7003: 2.2 gpg-agent doesn't allow KEYINFO when restricted (was: gpgme-1.23.2 test failure (t-json))
T7025: --trusted-key and --no-options mismatch
T7042: AEAD mode does not properly handle modified cipher text
T7072: addkey "set your own capabilities" silently sets Restricted Encryption capability
T6307: Release GnuPG 2.2.42

Event Timeline

• werner triaged this task as Low priority.Nov 28 2023, 4:57 PM

• werner created this task.

• werner created this object with edit policy "Administrators".

• werner mentioned this in T6307: Release GnuPG 2.2.42.

• werner claimed this task.Jan 24 2024, 11:29 AM

• werner moved this task from Backlog to WiP on the gnupg22 board.

thesamesam added a subscriber: thesamesam.Mar 7 2024, 8:20 PM

• werner updated the task description. (Show Details)Apr 16 2024, 9:47 AM

• werner mentioned this in T7087: Release GnuPG 2.2.44.Apr 16 2024, 11:43 AM

• werner moved this task from WiP to gnupg-2.2.43 on the gnupg22 board.Apr 16 2024, 12:02 PM

• werner edited projects, added gnupg22 (gnupg-2.2.43); removed gnupg22.

• werner closed this task as Resolved.Apr 16 2024, 12:05 PM

• werner updated the task description. (Show Details)