Is in 2.4.4 and will go into 2.2.43
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed Advanced Search
Advanced Search
Advanced Search
Jan 26 2024
Jan 26 2024
tools: Fix argparse table of gpgconf.
• werner moved T6963: Trust system's root CA for checking CRL issuers from WiP to gnupg-2.2.43 on the gnupg22 board.
• werner committed rG4dc09bc5e7f3: dirmngr: For CRL issuer verification trust the system's root CA. (authored by • werner).
dirmngr: For CRL issuer verification trust the system's root CA.
• werner committed rG935b5a49b416: dirmngr: For CRL issuer verification trust the system's root CA. (authored by • werner).
dirmngr: For CRL issuer verification trust the system's root CA.
• werner moved T6963: Trust system's root CA for checking CRL issuers from Backlog to WiP on the gnupg22 board.
• werner closed T6961: On Windows the gpgtar --status-fd 2 does not show the gpg status lines as Resolved.
Oh, well it does happen only with --status-fd=2 because of a c+p error by me. For status-fd > 2, as used by GPGME, there is no problem, because this is handled by an exception list.
• werner committed rGeaf6a7ab8796: common,w32: Fix use of GNUPG_SPAWN_KEEP_STDERR. (authored by • werner).
common,w32: Fix use of GNUPG_SPAWN_KEEP_STDERR.
• werner committed rG535c5cf76913: common,w32: Fix use of GNUPG_SPAWN_KEEP_STDERR. (authored by • werner).
common,w32: Fix use of GNUPG_SPAWN_KEEP_STDERR.
Merge branch 'STABLE-BRANCH-2-4'
• werner committed rD2a01d672bd31: blog: Removed footnote given that the gpg4win site is up to date. (authored by • werner).
blog: Removed footnote given that the gpg4win site is up to date.
Jan 25 2024
Jan 25 2024
Are you seriously using version 2.0 which had its EOL of 6 years ago? Libgcrypt 1.5 EOF was even a year earlier. Sorry, I won't look into that.
• werner set External Link to https://lists.gnupg.org/pipermail/gnupg-announce/2024q1/000481.html on T6578: Release GnuPG 2.4.4.
web: Announce 2.4.4
blog: Change footnote
Post release updates
swdb: gpg4win 4.3.0
• werner triaged T6961: On Windows the gpgtar --status-fd 2 does not show the gpg status lines as Normal priority.
Release 4.3.0
• werner added a comment to T6944: The default card key generation keeps an unprotected backup of the encryption key on disk.
Also fixed in the fortgcoming 2.2.43
Prepare NEWS for 4.3.0
blog: Add smartcard-backup-key
swdb: gnupg 2.4.5
Update GnuPG to version 2.4.4
• werner closed T6943: Add tool to detect and clean unsolicited copies of smartcard keys as Resolved.
• werner moved T6943: Add tool to detect and clean unsolicited copies of smartcard keys from QA to gnupg-2.4.4 on the gnupg24 board.
• werner shifted T6944: The default card key generation keeps an unprotected backup of the encryption key on disk from the Restricted Space space to the S1 Public space.
• werner shifted T6943: Add tool to detect and clean unsolicited copies of smartcard keys from the Restricted Space space to the S1 Public space.
Post release updates
po: msgmerge
Release 2.4.4
card: Tweak the checkcmds sub-command.
Jan 24 2024
Jan 24 2024
• werner awarded T6957: Add algo and keygrip columns to Kleo's certificate view a Like token.
• werner committed rGd4976e35d2ca: gpg: Add sub-option ignore-attributes to --import-options. (authored by • werner).
gpg: Add sub-option ignore-attributes to --import-options.
• werner moved T6379: Kleopatra: Brainpool key can not be moved to smart card from QA to gnupg-2.4.4 on the gnupg24 board.
• werner raised the priority of T6620: Add a way to extract ECC key parameters from a public key from Normal to High.
Just a reminder, this is important for 384 bit keys (see T6379).
• werner moved T6379: Kleopatra: Brainpool key can not be moved to smart card from Restricted Project Column to Restricted Project Column on the Restricted Project board.
The state of the brain is:
doc: Minor typo fix.
These gpgsk files are standard private-keys-v1 files with an additional Backup-info line showing for example the keygrip.
There are no certificates in the file, thus we can either use gpg or gpgsm as driver.
No test environment in our QA dept.
• werner moved T6831: May chose a signing key from a not inserted card over an inserted one from QA to gnupg-2.4.4 on the gnupg24 board.
• werner closed T6831: May chose a signing key from a not inserted card over an inserted one as Resolved.
Fixed in 2.4.4. Feel free to re-open if you still see problems.
• werner moved T6741: gpg 2.3+ may display garbled characters for date and time in non-English Windows from QA to gnupg-2.4.4 on the gnupg24 board.
• werner closed T6741: gpg 2.3+ may display garbled characters for date and time in non-English Windows as Resolved.
No regression, assuming things work.
• werner moved T3380: Use exponential backoff when spawning agent and dirmngr from QA to gnupg-2.4.4 on the gnupg24 board.
Hard to test without instrumenting the code.
• werner moved T6796: gpg does create socketdir after every operation from QA to gnupg-2.4.4 on the gnupg24 board.
Tested during development.
• werner moved T6902: gpgconf: the questionable value 256 for flags in gpgrt_opt_t from QA to gnupg-2.4.4 on the gnupg24 board.
Tested for 2.4
• werner moved T6710: Improve Speedo for Linux to set DT_RUNPATH. from QA to gnupg-2.4.4 on the gnupg24 board.
@alexk and me tested this. The core functionality works.
• werner moved T6944: The default card key generation keeps an unprotected backup of the encryption key on disk from WiP to gnupg-2.2.43 on the gnupg22 board.
• werner moved T6944: The default card key generation keeps an unprotected backup of the encryption key on disk from QA to gnupg-2.4.4 on the gnupg24 board.
• werner added a comment to T6944: The default card key generation keeps an unprotected backup of the encryption key on disk.
Fixed in 2.4.4 and 2.2.43 - see above for affected versions.
• werner moved T6919: Add support for smartcafe cards from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Works for the two sample RSA cards. Ticket may eventually be re-opened if we run into problems with ECC cards.
Fixes are already in GnuPG 2.4.4 and can't be easily tested. Thus closing also for gnupg24
Jan 24 2024, 2:22 PM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Restricted Project, vsd, Feature Request
• werner moved T6708: Allow to inhibit the use of a default PGP keyserver from WiP to gnupg-2.4.4 on the gnupg24 board.
Jan 24 2024, 2:20 PM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Restricted Project, vsd, Feature Request
po: Update German translation.
• werner committed rG154ecf17bddc: speedo: Build zlib, bzip2 and sqlite also on Unix. (authored by • werner).
speedo: Build zlib, bzip2 and sqlite also on Unix.
• werner committed rG3b69d8bf7146: gpg: Fix leftover unprotected card backup key. (authored by • werner).
gpg: Fix leftover unprotected card backup key.
Closing because we believe things are fixed and our test suite confirms that. Feel free to -reopen in case your own file does not import with 2.4.4.
Jan 24 2024, 11:42 AM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Bug Report, S/MIME, Restricted Project
• werner moved T6536: Extend P12 parser for ShroudedKeyBag inside a CertBag from QA to gnupg-2.4.4 on the gnupg24 board.
Jan 24 2024, 11:41 AM · gnupg24 (gnupg-2.4.4), gnupg22 (gnupg-2.2.42), Bug Report, S/MIME, Restricted Project
• werner moved T6752: New minip12 does not import from Firefox anymore from QA to gnupg-2.4.4 on the gnupg24 board.
The test file is now part of our test suite and passes.
• werner moved T6559: GPGSM: "always trust like override" or "force" option from QA to gnupg-2.4.4 on the gnupg24 board.
Jan 24 2024, 11:37 AM · gnupg24 (gnupg-2.4.4), gpgme (gpgme 1.23.x), gnupg22 (gnupg-2.2.42), Feature Request, gpgol, S/MIME, kleopatra, Restricted Project
• werner moved T6757: gpgsm 2.4 Fails to import P12 certificate/key from QA to gnupg-2.4.4 on the gnupg24 board.
We meanwhile have a lot of test cases in our test suite and we see no issue. Closing this bug; feel free to re-open if it is not fixed for your case in 2.4.4.
• werner closed T6757: gpgsm 2.4 Fails to import P12 certificate/key, a subtask of T6752: New minip12 does not import from Firefox anymore, as Resolved.
I did a couple of test on the command line which should be sufficient.
• werner moved T6942: Differing fingerprint length with curve 448 from QA to gnupg-2.4.4 on the gnupg24 board.
• werner moved T6942: Differing fingerprint length with curve 448 from WiP to QA on the gnupg24 board.
• werner moved T6944: The default card key generation keeps an unprotected backup of the encryption key on disk from Backlog to WiP on the gnupg22 board.
• werner added a project to T6944: The default card key generation keeps an unprotected backup of the encryption key on disk: gnupg22.
We need to fix 2.2.42 too. This because we backported the responsible patch.
• werner committed rGbea31c845aad: card: flush stdout to get checkcmd's info messages in order. (authored by • werner).
card: flush stdout to get checkcmd's info messages in order.
Having a second build system for GPGME is not a good idea. This gives us a headache for maintaining. If you really need this for private things, put this into a contrib directory and make clear that this is a non supported way to build things. And for the Qt bindings I am anyway in favor of removing them from GPGME proper.
Jan 23 2024
Jan 23 2024
tests: Add two more sample p12 files
speedo: Add a hint to run ldconfig
It is already implemented and will soon show up in 2.4.4 -)