Page MenuHome GnuPG
Feed All Stories

All Stories
Use Results
Edit Query

Jan 28 2026

tfry committed rOJ5fd91df488c7: Remove further direct references to EWS. (authored by tfry).
Remove further direct references to EWS.
Jan 28 2026, 2:48 PM
m.eik triaged T8062: improve version information for debugging as Normal priority.
Jan 28 2026, 2:44 PM · gpgol2
pl13 committed rG0437dfc94b23: tests: Add test for parsing too large signature packets. (authored by pl13).
tests: Add test for parsing too large signature packets.
Jan 28 2026, 2:31 PM
tfry committed rOJ14d1f4bc1044: Remove/port further direct usages of EWS API (authored by tfry).
Remove/port further direct usages of EWS API
Jan 28 2026, 1:56 PM
werner committed rG81760cc931d6: Fix stub functions to avoid LTO linking bugs. (authored by werner).
Fix stub functions to avoid LTO linking bugs.
Jan 28 2026, 1:41 PM
tfry committed rOJ4b75d756017e: Port usage to Graph-API, with a fallback to EWS for on-premises installations (authored by tfry).
Port usage to Graph-API, with a fallback to EWS for on-premises installations
Jan 28 2026, 1:41 PM
tfry committed rOJa343e72dc0dd: Finish porting reencrypt feature to EWS/Graph-API abstraction (authored by tfry).
Finish porting reencrypt feature to EWS/Graph-API abstraction
Jan 28 2026, 1:41 PM
werner added a comment to T8029: IPC error on batch import of secret kyber cert.

My actual plan is to rework the imp[ort/export of secret keys to gpg-agent. Right now gpg-agent has knowledge of OpenPGP for import/export. This is not good and the required conversion should be moved to a helper tools for easier testing and to have this out of the gpg-agent process. For Kyber we right now don't use any conversion mut store the secret keys in gpg-agent's native format. Thus the passphrase is not necessary. We need to figure out why we have this problem here.

Jan 28 2026, 11:47 AM · gnupg26, Bug Report, gpd5x, kleopatra
tfry triaged T8061: reencrypt: Deal with subfolders as Normal priority.
Jan 28 2026, 11:32 AM · gpgol2
tfry abandoned D624: Enhance reencrypt dialog UI.

Merged, manually.

Jan 28 2026, 10:58 AM
tfry committed rOJb2565accaf4a: Refresh web files (authored by tfry).
Refresh web files
Jan 28 2026, 10:57 AM
tfry committed rOJ9bfc7cc5f604: Merge branch 'work/tfry/reencrypt_ui' (authored by tfry).
Merge branch 'work/tfry/reencrypt_ui'
Jan 28 2026, 10:57 AM
tfry committed rOJbcd891a5daa5: Remove unused sources files (authored by tfry).
Remove unused sources files
Jan 28 2026, 9:42 AM
gniibe committed rMe4623a83adf4: Fix build with libassuan 2. (authored by collinfunk).
Fix build with libassuan 2.
Jan 28 2026, 7:04 AM
l10n daemon script <scripty@kde.org> committed rLIBKLEOd1915630a249: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Jan 28 2026, 4:47 AM

Jan 27 2026

werner committed rG3fdd959d8994: Post release updates (authored by werner).
Post release updates
Jan 27 2026, 6:51 PM
werner committed rGf2f89dc82538: po: msgmerge (authored by werner).
po: msgmerge
Jan 27 2026, 6:51 PM
werner committed rG17b514596f60: Release 2.5.17 (authored by werner).
Release 2.5.17
Jan 27 2026, 6:51 PM
werner committed rG11b7e4139e82: gpg: Fix possible NULL-deref with overlong signature packets. (authored by werner).
gpg: Fix possible NULL-deref with overlong signature packets.
Jan 27 2026, 6:51 PM
werner committed rG93fa34d9a346: tpm: Fix possible buffer overflow in PKDECRYPT (authored by werner).
tpm: Fix possible buffer overflow in PKDECRYPT
Jan 27 2026, 6:51 PM
werner committed rGc3e387427977: po: Update Swedish translation (authored by Daniel Nylander <github@danielnylander.se>).
po: Update Swedish translation
Jan 27 2026, 6:51 PM
werner committed rGeba28eeaa1b1: agent: Add accelerator keys for "Wrong" and "Correct". (authored by werner).
agent: Add accelerator keys for "Wrong" and "Correct".
Jan 27 2026, 6:51 PM
werner committed rG2438271ab601: agent: Fix stack buffer overflow when using gpgsm and KEM (authored by werner).
agent: Fix stack buffer overflow when using gpgsm and KEM
Jan 27 2026, 6:51 PM
bernhard added a comment to T8059: Gpg4win: Change bug report address to a Gpg4win-specific address.

This ticket is explicitly about Kleopatra included in Gpg4win.

Jan 27 2026, 6:43 PM · needs discussion, gpd5x, kleopatra, gpg4win
werner set External Link to https://lists.gnupg.org/pipermail/gnupg-announce/2026q1/000501.html on T7996: Release GnuPG 2.5.17 (security).
Jan 27 2026, 5:52 PM · CVE, gnupg, Release Info
ikloecker added a comment to T8059: Gpg4win: Change bug report address to a Gpg4win-specific address.
In T8059#212270, @bernhard wrote:

Kleopatra is also run on GNU/Linux Distributions.

Jan 27 2026, 5:34 PM · needs discussion, gpd5x, kleopatra, gpg4win
werner committed rD400df30db64e: Security announcement (authored by werner).
Security announcement
Jan 27 2026, 5:34 PM
werner updated the task description for T8060: Release Gpg4win 5.0.1.
Jan 27 2026, 5:28 PM · gpg4win, Release Info
werner committed rDc5bbc42c40a6: swdb: GnuPg 2.5.17 and Gpg4win 5.0.1 (authored by werner).
swdb: GnuPg 2.5.17 and Gpg4win 5.0.1
Jan 27 2026, 5:26 PM
werner closed T8045: Stack-based buffer overflow in TPM2 `PKDECRYPT` as Resolved.
Jan 27 2026, 5:18 PM · gnupg26, CVE, TPM, Bug Report
werner closed T8049: Null pointer dereference with overlong signature packet as Resolved.
Jan 27 2026, 5:17 PM · segv, gnupg26, Bug Report
werner closed T8055: pinentry-tty: Correct/Cancel/Wrong - what does "C" select? as Resolved.
Jan 27 2026, 5:17 PM · gnupg, pinentry, Bug Report
werner renamed T8049: Null pointer dereference with overlong signature packet from Security (internal) - Aisle Research report: Null pointer dereference with overlong signature packet to Null pointer dereference with overlong signature packet.
Jan 27 2026, 5:16 PM · segv, gnupg26, Bug Report
werner changed the visibility for T8045: Stack-based buffer overflow in TPM2 `PKDECRYPT`.
Jan 27 2026, 5:12 PM · gnupg26, CVE, TPM, Bug Report
werner closed T8044: gpg-agent stack buffer overflow in pkdecrypt using KEM as Resolved.
Jan 27 2026, 5:12 PM · CVE, gnupg26, gpgagent, Bug Report
werner changed the visibility for T7996: Release GnuPG 2.5.17 (security).
Jan 27 2026, 5:11 PM · CVE, gnupg, Release Info
bernhard added a comment to T8059: Gpg4win: Change bug report address to a Gpg4win-specific address.

Kleopatra is also run on GNU/Linux Distributions.

Jan 27 2026, 4:20 PM · needs discussion, gpd5x, kleopatra, gpg4win
werner added a comment to T7996: Release GnuPG 2.5.17 (security).

This is a security update

Jan 27 2026, 3:47 PM · CVE, gnupg, Release Info
werner renamed T7996: Release GnuPG 2.5.17 (security) from Release GnuPG 2.5.17 to Release GnuPG 2.5.17 (security).
Jan 27 2026, 3:44 PM · CVE, gnupg, Release Info
ebo moved T8045: Stack-based buffer overflow in TPM2 `PKDECRYPT` from Backlog to Done on the gnupg26 board.
Jan 27 2026, 2:34 PM · gnupg26, CVE, TPM, Bug Report
ebo edited projects for T8045: Stack-based buffer overflow in TPM2 `PKDECRYPT`, added: gnupg26; removed gnupg.
Jan 27 2026, 2:33 PM · gnupg26, CVE, TPM, Bug Report
ebo moved T8044: gpg-agent stack buffer overflow in pkdecrypt using KEM from Backlog to Done on the gnupg26 board.
Jan 27 2026, 2:31 PM · CVE, gnupg26, gpgagent, Bug Report
ebo closed T7990: export-minimal unexpectedly omits expired key as Resolved.

Option works in Gpg4win-5.0.1 with GnuPG 2.5.17

Jan 27 2026, 2:29 PM · gnupg26, Feature Request, Gentoo
ebo moved T6623: Kleopatra hangs "Loading certificate cache" on Windows 10 from Done to gpd-5.0.0 on the gpd5x board.
Jan 27 2026, 1:59 PM · gpd5x (gpd-5.0.0), kleopatra
ebo moved T4581: Kleopatra stuck in loading the certificate cache from Done to gpd-5.0.0 on the gpd5x board.
Jan 27 2026, 1:59 PM · gpd5x (gpd-5.0.0), gpg4win, kleopatra, Bug Report
ebo moved T7434: Kleopatra: Initial keylisting hangs for ~60 seconds (gpg-agent: Socket ...S.gpg-agent cannot be bound) from Done to gpd-5.0.0 on the gpd5x board.
Jan 27 2026, 1:58 PM · gpd5x (gpd-5.0.0), gnupg, kleopatra
ebo moved T8026: Kleopatra: Export of multiple S/MIME certificates only exports one from Done to gpd-5.0.1 on the gpd5x board.
Jan 27 2026, 1:58 PM · gpd5x (gpd-5.0.1), gnupg26, Bug Report
ebo created gpd5x (gpd-5.0.1).
Jan 27 2026, 1:57 PM
ebo closed T8026: Kleopatra: Export of multiple S/MIME certificates only exports one as Resolved.
Jan 27 2026, 1:54 PM · gpd5x (gpd-5.0.1), gnupg26, Bug Report
ebo moved T8026: Kleopatra: Export of multiple S/MIME certificates only exports one from WIP to Done on the gnupg26 board.

works in Gpg4win 5.0.1 with GnuPG 2.5.17

Jan 27 2026, 1:52 PM · gpd5x (gpd-5.0.1), gnupg26, Bug Report
werner added a comment to T8028: Release Gpg4win 5.0.0.

Gpg4win 5.0.0 (2026-01-14)

Jan 27 2026, 11:45 AM · gpg4win, Release Info
werner triaged T8060: Release Gpg4win 5.0.1 as High priority.
Jan 27 2026, 11:45 AM · gpg4win, Release Info
ikloecker created T8059: Gpg4win: Change bug report address to a Gpg4win-specific address.
Jan 27 2026, 9:02 AM · needs discussion, gpd5x, kleopatra, gpg4win
tfry committed rOJ9722d1b87d4a: Cleanups (authored by tfry).
Cleanups
Jan 27 2026, 8:23 AM
tfry committed rOJ2262c655ee91: Request API permissions based on type of installation (authored by tfry).
Request API permissions based on type of installation
Jan 27 2026, 8:23 AM
l10n daemon script <scripty@kde.org> committed rMTPd1cdd6f6abf2: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Jan 27 2026, 4:25 AM
Albert Astals Cid <aacid@kde.org> committed rKLEOPATRAd15e118981ac: GIT_SILENT Upgrade release service version to 25.12.2. (authored by Albert Astals Cid <aacid@kde.org>).
GIT_SILENT Upgrade release service version to 25.12.2.
Jan 27 2026, 2:00 AM
Albert Astals Cid <aacid@kde.org> committed rKLEOPATRA52ede8008647: GIT_SILENT Update Appstream for new release (authored by Albert Astals Cid <aacid@kde.org>).
GIT_SILENT Update Appstream for new release
Jan 27 2026, 2:00 AM
Albert Astals Cid <aacid@kde.org> committed rKLEOPATRAb1ab409dfc5d: GIT_SILENT Update Appstream for new release (authored by Albert Astals Cid <aacid@kde.org>).
GIT_SILENT Update Appstream for new release
Jan 27 2026, 2:00 AM

Jan 26 2026

tfry committed rOJf3021f1be3fe: Fix copy-and-update graph implementaion; add send mail implementation (authored by tfry).
Fix copy-and-update graph implementaion; add send mail implementation
Jan 26 2026, 4:39 PM
tfry committed rOJ0d5f7d38296a: Send mails via abstracted API (authored by tfry).
Send mails via abstracted API
Jan 26 2026, 4:39 PM
tfry committed rOJ6750a5550794: Implement further basic mail jobs, and start porting reencrypt code (authored by tfry).
Implement further basic mail jobs, and start porting reencrypt code
Jan 26 2026, 4:39 PM
ebo triaged T8058: Draft: Kleopatra: Upload specific variant needed for the export warning in case of uncertified certificates as Normal priority.
Jan 26 2026, 4:16 PM · gpd5x, kleopatra
ebo renamed T7496: Kleopatra: Unify the UI process for server upload (-> small string change) from Kleopatra: Unify the UI process for server upload to Kleopatra: Unify the UI process for server upload (-> small string change).
Jan 26 2026, 4:04 PM · gpd5x, kleopatra
ebo added a parent task for T6769: Kleopatra: Change warning on keyserver upload: T8057: Certificate upload related improvements.
Jan 26 2026, 2:57 PM · vsd33 (vsd-3.3.0), Restricted Project, kleopatra
ebo added a parent task for T7495: Kleopatra: Improve success message on keyserver upload: T8057: Certificate upload related improvements.
Jan 26 2026, 2:57 PM · vsd34, gpd5x (gpd-5.0.0), kleopatra
ebo added a parent task for T7496: Kleopatra: Unify the UI process for server upload (-> small string change): T8057: Certificate upload related improvements.
Jan 26 2026, 2:57 PM · gpd5x, kleopatra
ebo added a parent task for T7772: Kleopatra: Config option - only allow upload of certificates with private key to LDAP keyserver: T8057: Certificate upload related improvements.
Jan 26 2026, 2:57 PM · gpd5x (gpd-5.0.2), vsd34, kleopatra
ebo added subtasks for T8057: Certificate upload related improvements: T7495: Kleopatra: Improve success message on keyserver upload, T6769: Kleopatra: Change warning on keyserver upload, T7496: Kleopatra: Unify the UI process for server upload (-> small string change), T7772: Kleopatra: Config option - only allow upload of certificates with private key to LDAP keyserver.
Jan 26 2026, 2:57 PM · kleopatra
ebo triaged T8057: Certificate upload related improvements as Normal priority.
Jan 26 2026, 2:54 PM · kleopatra
ebo added a project to T7495: Kleopatra: Improve success message on keyserver upload: vsd34.
Jan 26 2026, 2:48 PM · vsd34, gpd5x (gpd-5.0.0), kleopatra
ebo closed T7579: Kleopatra: improve menu items as Resolved.
Jan 26 2026, 2:38 PM · gpd5x (gpd-5.0.0), kleopatra
ebo closed T7674: Kleopatra: Restore behavior of RSAKeySizes and PGPKeyType as Resolved.
Jan 26 2026, 2:29 PM · vsd33 (vsd-3.3.3), kleopatra
ebo triaged T8056: Support config options RSAKeySizes and PGPKeyType for Kf6 as Normal priority.
Jan 26 2026, 2:29 PM · gpd5x (gpd-5.0.2), kleopatra
ebo placed T6568: Kleopatra: make table column headings accessible up for grabs.
Jan 26 2026, 2:01 PM · gpd5x (gpd-5.0.2), vsd34, a11y, kleopatra
ebo placed T6874: Kleopatra subkey management improvements up for grabs.
Jan 26 2026, 1:59 PM · kleopatra
timegrid added a comment to T8052: GnuPG: First listing of secret keys is empty.

To reproduce the hang, a loop will suffice (usually happens within the first 15 times, once it needed 50 runs):

Jan 26 2026, 11:39 AM · gpd5x (gpd-5.0.2), gpgrt, Bug Report, gpgagent, gnupg26
timegrid removed a project from T6587: GpgME++ / QGpgME MSVC build: Restricted Project.
Jan 26 2026, 11:22 AM · gpgme
ikloecker changed the status of T6537: Make KIO::move work on Windows when moving between different partitions, a subtask of T6373: Kleopatra: Show progress dialog when moving decrypted archive to final destination, from Testing to Open.
Jan 26 2026, 11:20 AM · Feature Request, gpd5x, kleopatra
ikloecker changed the status of T6537: Make KIO::move work on Windows when moving between different partitions from Testing to Open.

This is still open. It cannot be tested because Gpg4win still doesn't use KIO::move on Windows (because the above patch has not yet been merged).

Jan 26 2026, 11:20 AM · gpd5x, kleopatra
ikloecker changed the status of T6537: Make KIO::move work on Windows when moving between different partitions, a subtask of T6851: Kleopatra: Allow users to change name of decryption result if file already exists, from Testing to Open.
Jan 26 2026, 11:20 AM · vsd33 (vsd-3.3.0), kleopatra, Restricted Project
timegrid added a comment to T8053: GpgSM: `log-file` is ignored.

There's no other configuration, this happens with a clean gnupghome with one smime cert + root cert and the above gpgsm.conf (output on stdin/stderr):

Jan 26 2026, 11:18 AM · gpd5x, Bug Report, S/MIME, gnupg26
ikloecker added a comment to T6373: Kleopatra: Show progress dialog when moving decrypted archive to final destination.

I think this is still open (and requires T6537: Make KIO::move work on Windows when moving between different partitions).

Jan 26 2026, 11:15 AM · Feature Request, gpd5x, kleopatra
ikloecker added a comment to T6587: GpgME++ / QGpgME MSVC build.

This is not yet fixed. KDE still applies a patch to gpgmepp (and gpgmeqt) to ifdef a few GCCisms.

Jan 26 2026, 11:13 AM · gpgme
tfry committed rOJc96c4628b833: Implement copy-and-update mail operation using Graph API (authored by tfry).
Implement copy-and-update mail operation using Graph API
Jan 26 2026, 9:13 AM

Jan 25 2026

mfilippov added a comment to T8047: Support secure memory on Windows.

@werner I added an implementation https://dev.gnupg.org/D622
that matches Linux behavior and avoids the message about secure memory not being supported on Windows. The change is scoped to the pinentry tool and intentionally follows Linux behavior. Does this approach look reasonable to you?

Jan 25 2026, 9:02 PM · Windows, gnupg, Feature Request
werner committed rE9b7c3438a3c9: po: Update Swedish translation. (authored by Daniel Nylander <github@danielnylander.se>).
po: Update Swedish translation.
Jan 25 2026, 6:30 PM
werner added a comment to T8049: Null pointer dereference with overlong signature packet.

Reconsidering this all I don't think it makes any sense to distinguish between (-1) and GPG_ERR_INV_PACKET. We use (-1) for a too short read of the hashed or unhashed area (premature eof). INV_PACKET is for unknown versions, too much data (arbitrary limit), bad parameters, and underflow. Let's forget my previous comment and always use INV_PACKET.

Jan 25 2026, 5:23 PM · segv, gnupg26, Bug Report
werner changed the status of T8045: Stack-based buffer overflow in TPM2 `PKDECRYPT` from Open to Testing.
Jan 25 2026, 5:02 PM · gnupg26, CVE, TPM, Bug Report
werner triaged T8055: pinentry-tty: Correct/Cancel/Wrong - what does "C" select? as Low priority.
Jan 25 2026, 4:38 PM · gnupg, pinentry, Bug Report
werner added a comment to T8055: pinentry-tty: Correct/Cancel/Wrong - what does "C" select?.

I think "O" is a better key:

Jan 25 2026, 4:37 PM · gnupg, pinentry, Bug Report
werner added a comment to T8055: pinentry-tty: Correct/Cancel/Wrong - what does "C" select?.

We need to change the accelerator. Right now gpg-agent uses

Jan 25 2026, 4:14 PM · gnupg, pinentry, Bug Report
ametzler1 created T8055: pinentry-tty: Correct/Cancel/Wrong - what does "C" select?.
Jan 25 2026, 7:47 AM · gnupg, pinentry, Bug Report
l10n daemon script <scripty@kde.org> committed rKLEOPATRA1d48a2d22924: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Jan 25 2026, 2:46 AM

Jan 24 2026

mlaurent committed rKLEOPATRAc99e87af987a: Add lsan CI support (authored by mlaurent).
Add lsan CI support
Jan 24 2026, 3:23 PM
mlaurent committed rMTP2a204bce0c6f: Add lsan CI support (authored by mlaurent).
Add lsan CI support
Jan 24 2026, 3:22 PM
l10n daemon script <scripty@kde.org> committed rLIBKLEObe6a850fc5d2: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Jan 24 2026, 2:47 AM
l10n daemon script <scripty@kde.org> committed rKLEOPATRA4509b2383e1e: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Jan 24 2026, 2:47 AM

Jan 23 2026

werner triaged T8047: Support secure memory on Windows as Low priority.

I don't think that we will implement that any time soon. Today we too often require more mlock-able memory than available and in this case Libgcrypt resorts to allocating new memory arenas which are not locked. This is not as worse as one might think: the majro advantage with secmem is that a free() on secmem allocated memory will also wipe that memory. A better solution has always been to use an encrypted swap/paging file. 25 years ago, it was not easy to configure but today there should be no problem and hopefully already the default.

Jan 23 2026, 9:25 PM · Windows, gnupg, Feature Request
werner lowered the priority of T8049: Null pointer dereference with overlong signature packet from Unbreak Now! to Normal.
Jan 23 2026, 9:18 PM · segv, gnupg26, Bug Report
First
Prev
Next