Page MenuHome GnuPG
Create Task
Maniphest T7289

Release GnuPG 2.5.2
Open, LowPublic
Actions

Description

Noteworthy changes in version 2.5.2 (2024-12-05)

  • gpg: Add option 16 to --full-gen-key to create ECC+Kyber. [T6638]
  • gpg: For composite algos add the algo string to the colons listings. [T6638]
  • gpg: Validate the trustdb after the import of a trusted key. [T7200]
  • gpg: Exclude expired trusted keys from the key validation process. [T7200]
  • gpg: Fix a wrong decryption failed status for signed and OCB encrypted messages without a signature verification key. [T7042]
  • gpg: Retain binary representation for import->export with Ed25519 key signatures. [T7426]
  • gpg: Fix comparing ed448 to ed25519 with --assert-pubkey-algo. [T7425]
  • gpg: Avoid a failure exit code for expired ultimately trusted keys. [T7351]
  • gpg: Emit status error for an invalid ADSK. [T7322]
  • gpg: Allow the use of an ADSK subkey as ADSK subkey. [T6882]
  • gpg: Fix --quick-set-expire for V5 subkey fingerprints. [T7298]
  • gpg: Robust error handling for SCD READKEY. [T7309]
  • gpg: Fix cv25519 v5 export regression. [T7316]
  • gpgsm: Nearly fourfold speedup of validated certificate listings. [T7308]
  • gpgsm: Improvement for some rare P12 files. [rGf50dde6269]
  • gpgsm: Terminate key listing on output write error. [T6185]
  • agent: Add option --status to the LISTRUSTED command. [rG4275d5fa7a]
  • agent: Fix detection of the yet unused trustflag de-vs. [T5079]
  • agent: Allow ssh to sign data larger than the Assuan line length. [T7436]
  • keyboxd: Fix a race condition on the database handle. [T7294]
  • dirmngr: A list of used URLs for loaded CRLs is printed first in the output of the LISTCRL command. [T7337]
  • scd: More mitigations against lock ups with multiple cards or apps. [T7323, T7402]
  • gpgtar: Use log-file from common.conf only in --batch mode. [rGb389e04ef5]
  • gpgtar: Fix directory creation during extraction. [T7380]
  • gpg-mail-tube: Minor fixes.
  • gpgconf: Add list flag to trusted-key et al. [T7313]
  • Implement GNUPG_ASSUME_COMPLIANCE envvar and registry key for testing de-vs compliance mode. [rGb287fb5775,rG7b0be541a9]
  • Enable additional runtime protections in speedo builds for Windows. [rG39aa206dc5]
  • Fix a race condition in creating the socket directory. [T7332]
  • Fix a build problem on macOS (missing unistd.h). [T7193]

(prev: T7191)

Details

External Link
https://lists.gnupg.org/pipermail/gnupg-announce/2024q4/000488.html

Related Objects

Mentioned In
T7442: Release GnuPG 2.5.3
T7191: Release GnuPG 2.5.1
Mentioned Here
P12 Fallback for keys with keyid but no finterprint value in gpgme
rGf50dde6269bd: gpgsm: Possible improvement for some rare P12 files.
rG4275d5fa7a51: agent: Add option --status to the LISTRUSTED command.
rGb287fb577587: Implement GNUPG_ASSUME_COMPLIANCE envvar for testing
rG39aa206dc51d: speedo: Enable additional runtime protections on Windows.
rGb389e04ef526: gpgtar: Use log-file from common.conf only in --batch mode.
rG7b0be541a994: w32: Introduce Registry key GNUPG_ASSUME_COMPLIANCE.
T5079: Add compliance flag to trustlist.txt
T6185: `gpg2 --list-keys --with-colons > /dev/full` exits with status 0
T6638: PQC for GnuPG
T6882: Make ADSK configurable for new keys
T7042: AEAD mode does not properly handle modified cipher text
T7193: gnupg-2.5.0: Does not build due to missing declaration of read and write
T7200: Trustdb not updated on import of extended certificate
T7294: keyboxd: Possible race conditions (and clean up)
T7298: gpg --quick-set-expire fails for V5 subkeys
T7308: Speed up the X.509 key listings
T7309: gpg should not proceed with the key import from the smartcard if no valid SCD READKEY information is received
T7313: gpgconf --list-options does not handle multiple trusted-keys.
T7316: Curve25519/v5 key cannot be exported
T7322: Kleopatra: General error if ADSK is not configured correctly
T7323: scdaemon hangs up (when output from scdaemon is not consumed by gpg-agent)
T7332: Kleopatra: Initial keylisting sometimes fails or hangs for some seconds
T7337: Show a summary of all URLs with dirmngr's LISTCRL command
T7351: 2.2.45 exitcode 2 when importing revocation cert for expired key
T7380: gpgtar does not always create directories on extraction.
T7402: No hard lockup when SCardConnect never returns
T7425: gpg --assert-pubkey-algo claims that ed25519 is stronger that ed448
T7426: Retain binary representation of key for import->export (in particular, Ed25519 signature)
T7436: Allow ssh to sign data larger than the assuan line length.
T7191: Release GnuPG 2.5.1

Event Timeline

werner triaged this task as Low priority.Sep 12 2024, 12:04 PM
werner created this task.
werner created this object with edit policy "Administrators".
werner mentioned this in T7191: Release GnuPG 2.5.1.Sep 12 2024, 12:22 PM
werner mentioned this in T7442: Release GnuPG 2.5.3.Thu, Dec 5, 11:45 AM
werner updated the task description. (Show Details)
werner set External Link to https://lists.gnupg.org/pipermail/gnupg-announce/2024q4/000488.html.
werner moved this task from Backlog to Done on the gnupg26 board.Thu, Dec 5, 11:48 AM