Maniphest T7869

Release GnuPG 2.5.14
Open, NormalPublic
Actions

Assigned To

None

Authored By

	• werner
	Oct 22 2025, 2:16 PM

Tags

Subscribers

Description

Noteworthy changes in version 2.5.14 (2025-11-19)

gpg: Fix possible memory corruption in the armor parser. [T7906]
gpgsm: Fix output of card serial number in colon listing. [T7914]
agent:ssh: Fix RSA signature handling for newer spec. [T7882]
gpg: Improve/relax the checking of preference options. [rG6570700fdd]
gpg: Fix the check for the END armor line. [rG62b8bf2f39]
gpg: Do not present a default when asking for another output filename. [T7908]
gpg: Include ADSK keys in key listings specified by fingerprints. [T7892]
agent: Fix a decryption failures if the pinentry dialog for the first tried recipient is canceled. Regression since 2.5.7. [T7893, T7649]
keyboxd: Fix schema of the fingerprint table. [T7892]
dirmngr: Fix OCSP next-update check. [rG9ef87bcdb0]
gpg: New "pfc" record in colons key listings. [T7897]
gpg: Allow import and export of Kyber secret keys. [T7315]
gpg: Escape characters with the high bit set in NOTATION status lines. [T7896]
gpg: New import option "force-update". [T7892,rGf6237ccd31]
agent: Accept a trustlist with a missing LF at the end. [rG1b4ac98de7]
agent: Support protection for Kyber keys. [T6638,rGaea62817f3]
scd:nks: Make newer TCOS signature cards work. [rG17596e830f]

(prev: T7801 next: T7940))

Related Objects

Mentioned In: T7940: Release GnuPG 2.5.15
T7801: Release GnuPG 2.5.13
Mentioned Here: rG6570700fddcb: gpg: Improve/relax the checking of preference options.
rG1b4ac98de7db: agent: Accept a trustlist with a missing LF at the end.
rG9ef87bcdb034: dirmngr: Fix OCSP check.
rG62b8bf2f3905: gpg: Fix armored input parsing.
rG17596e830f08: scd:nks: Make newer TCOS signature cards work.
rGaea62817f300: agent: Support protection for Kyber keys.
rGf6237ccd313a: gpg: New import option "force-update"
T6638: PQC for GnuPG
T7315: Allow export and import of PQC secret keys.
T7882: `rsa-sha2` signature values are improperly truncated
T7892: keyboxd: a new subkey is sometimes not stored in the fingerprint table.
T7893: GnuPG: Decryption fails if the pinentry dialog for the first tried recipient is canceled
T7896: Escape binary data in NOTATION* for status-fd
T7897: Include key preferences in --with-colons
T7906: Memory Corruption in ASCII-Armor Parsing
T7908: GnuPG Accepts Path Separators and Path Traversals in Literal Data "Filename" Field
T7914: Card s/n number missing in gpgsm
T7940: Release GnuPG 2.5.15
rGdb9705ef594d: gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures.
rG8abc320f2a75: gpg: Error out on unverified output for non-detached signatures.
T1825: Add a re-encrypt to additional key
T7649: gnupg: Use KEM interface for encryption/decryption
T7804: de-vs compliance not shown if also password encrypted
T7811: gpgsm: Use KEM interface for decryption
T7829: w32: daemon (gpg-agent/keyboxd/dirmngr) startup and connection race when there is a socket file already
T7840: Oddity with 7816 change_reference_data
T7845: gpgsm: Use KEM interface for encryption
T7855: keybox/keydb locking issue in 2.6
T7863: Kleopatra: the certificate list is not refreshed at the end of the deletion of multiple secret keys
T7866: Allow separate LDAP keyserver for uploading
T7801: Release GnuPG 2.5.13

Event Timeline

• werner triaged this task as Normal priority.Oct 22 2025, 2:16 PM

• werner created this task.

• werner created this object with edit policy "Administrators".

• werner updated the task description. (Show Details)Oct 22 2025, 2:18 PM

• werner mentioned this in T7801: Release GnuPG 2.5.13.Oct 22 2025, 2:21 PM

• werner updated the task description. (Show Details)

• werner mentioned this in T7940: Release GnuPG 2.5.15.Wed, Nov 19, 5:27 PM

• werner updated the task description. (Show Details)Wed, Nov 19, 5:40 PM