Page MenuHome GnuPG

Release GnuPG 2.2.43
Closed, ResolvedPublic


Noteworthy changes in version 2.2.43 (2024-04-16)

  • gpg: Do not keep an unprotected smartcard backup key on disk. See for a security advisory. [T6944]
  • gpg: Allow to create revocations even with non-compliant algos. [rG89c7eccba5]
  • gpg: Fix mixed invocation with --trusted-keys and --no-options. [T7025]
  • gpg: Make sure a DECRYPTION_OKAY is never issued for a bad OCB tag. [T7042]
  • gpg: Do not allow to accidently set the RENC usage. [T7072]
  • gpgsm: Allow PKCS#12 decryption with a longer salt value. [T6757]
  • agent: Allow simple KEYINFO command in restricted mode. [T7003]
  • agent: Consider an empty pattern file as valid. [rG509d0f76ce]
  • dirmngr: Avoid starting a second instance on Windows via GPGME based launching. [T6833]
  • dirmngr: Trust system's root CAs for checking CRL issuers. [T6963]
  • dirmngr: Fix the regression in 2.2.42 of use of proxy for TLS connection. [T6997]
  • scd: Fix corner case bug when changing to a shorter PIN with KDF enabled. [T6843]
  • gpgtar: Fix conveying of status lines from gpg when using stderr as status fd on Windows. [T6961]
  • gpgconf: Fix -X command for the new VERSION file format and change the output format. [T6918]
  • wkd: Make gpg-wks-client --mirror work w/o args.

(prev: T6307 next: T7087)