Query: Advanced Search

build: New configure option --with-libtool-modification.

rsa: Fix decoding of PKCS#1 v1.5 and OAEP padding.

const-time: Use ct_not_memequal, instead. Tested with AVR.

build: Check if arch is VAX or compiler is MSVC.

cipher: Fix ElGamal decryption.

rsa: Use memmov_independently when unpadding.

const-time: Add ct_memmov_cond, fix _gcry_mpih_set_cond.

Use single constant-time memory comparison implementation

const-time: always avoid comparison operator for byte comparison

rsa, elgamal: avoid logical not operator in constant-time code

const-time: prefix global symbols with _gcry_

mpih_set_cond: restore EM leakage mitigation

const-time: ct_memmov_cond: switch to use dual mask approach

mpih-const-time: use global vzero/vone variable

mpiutil: use global vone and vzero

ec-nist: use global vone and vzero

ec-nist: avoid unintentional conditional branch by comparison

mpih_cmp_ui: avoid unintentional conditional branch

ec: avoid unintentional condition branches for 25519, 448 and 256k1

const-time: add functions for generating masks from 0/1 input

mpih-const-time: use constant-time comparisons conditional add/sub/abs

mpih_mod: avoid unintentional conditional branch

mpi: Fix ECC computation on hppa.

random:jent: Fix for jent_rng_is_initialized.

random:jent: Fix build with address sanitizer.

cipher:kyber: No change ABI/API for gcry_kem_genkey.

mpi: Use secure MPI in _gcry_mpi_assign_limb_space.

secmem: Handle HAVE_BROKEN_MLOCK for the case with ASAN.

Merge branch 'master' into LIBGCRYPT-1.11-BRANCH

Merge commit '4876a1a4' into LIBGCRYPT-1.11-BRANCH

cipher:kem:ecc: Support secp256k1 by KEM API.

cipher:kem: Provide each enum constant as macro.

build: Allow build with no Kyber.

build: More changes to allow build with no Kyber.

cipher:ecc: Silence GCC 15 warning.

cipher:rsa: Fix missing initialization in generate_fips.

mpi: Provide the function prototype of __udiv_qrnnd.

Add missing abiversion tag for PowerPC assembly

Add missing machine tags for PowerPC assembly

poly1305-p10le: use '.rodata' section for read-only data

Mark nonstring use cases with __nonstring__ attribute.

random:jent: Fix for jent_rng_is_initialized.

random:jent: Fix build with address sanitizer.

mpi: Fix redefinition of types.

secmem: Handle HAVE_BROKEN_MLOCK for the case with ASAN.

mpi: Introduce mpi_tfr and use it for point_tfr.

t-kem: fix test loop iteration

cipher:aria: Fix compiler error on NetBSD.

Update autogen.sh and gpg-error.m4 from upstream.

Update autogen.sh also for test(1) -o adjustment.

Adjust scripts for test(1) operator -a removal

mceliece6688128f: fix stack overflow crash on win64/wine

mceliece6688128f: fix UBSAN runtime errors

cipher-xts: harden mask generation against branch optimization

rijndael: harden mask generation against branch optimization

mpih-pow: harden condition calculation against branch optimization

kyber: harden mask generation against branch optimization

sntrup761: harden mask generation against branch optimization

sntrup761: use const-time helpers for memory comparison and cond move

mceliece6688128f: harden mask generation against branch optimization

const-time: add 64-bit fast paths for const-time buffer functions

mceliece6688128f: use const-time helper for memory comparison

Add stack burning for PQC algorithms

cipher:kyber: Apply a change from upstream.

mpi: Use secure MPI in _gcry_mpi_assign_limb_space.

fips,cipher: Fix the regression with disabled public-key algo.

	Include stories about projects I am a member of.

Thank you for your report.

TL;DR
This ticket was created because building static-linked gpgv shows warnings from glibc for getpwnam and getpwuid.
Basically, we can/should ignore the warnings from glibc at link time (for normal use cases), because it is irrelevant.

Fix build with libassuan 2.

I see your point. I am afraid adding skipme causes a larger changes.

Here are changes to fix the behavior:

0003-gpg-Return-an-error-when-data-is-too-long.patch1 KBDownload

0004-gpg-Skip-the-packet-on-some-errors-when-parsing-sign.patch2 KBDownload

Re-opened because a regression is reported.

fips,cipher: Fix the regression with disabled public-key algo.

On 2026-01-20, I found the message to security@gnupg.org of:
Message-ID: 4e708880-04ac-45bc-8d16-6b585f2652a1n@aisle.com
in may spam folder. It has a 10MB long attachment. That might be one of reasons to be identified as a spam.

Considering the current implementation (tpm2d doesn't support keyinfo like scdaemon), it would be good to check the buffer size.
(If key information is accessible easily, we can check with a specific key.)

Backports have been done in both (1.10/1.11) branches.

build: Update m4 files.

build: Update build-aux and m4 from libgpg-error.

build: Update ksba.m4 from libksba.

build: Update build-aux and m4 from libgpg-error.

build: Update build-aux and m4 from libgpg-error and libassuan.

build: Update build-aux and m4 from libgpg-error.

build: Fix typos in texinfo.tex.

build: Apply local change to texinfo.tex.

Fix for header files for sys/time.h and sys/select.h.

build: Update build-aux and m4 from libgpg-error.

Advanced Search
Use Results
Edit Query
Hide Query

Jan 30 2026

Jan 29 2026

Jan 28 2026

Jan 23 2026

Jan 22 2026

Jan 21 2026

Jan 20 2026

Jan 19 2026

Jan 15 2026

Jan 14 2026

Advanced SearchUse ResultsEdit QueryHide Query

Jan 30 2026

Jan 29 2026

Jan 28 2026

Jan 23 2026

Jan 22 2026

Jan 21 2026

Jan 20 2026

Jan 19 2026

Jan 15 2026

Jan 14 2026

Advanced Search
Use Results
Edit Query
Hide Query