Looks good to me on gpg4win-5.0.2-beta2 @ win11:

Looks good to me on gpg4win-5.0.2-beta2 @ win11.

The missing signature was a problem on my end. The customer mail (to ted / exchange server) works fine if the cert is in the keyring. The testmails (via outlook imap) are fine, too. I still need a better test setup for mails to our exchange accounts, but this is enough to rule out a problem in gpgol. I adjust my former message accordingly.

Hmm ich sehe weiterhin die Signatur.

Right, looks good to me now on gpg4win-5.0.2-beta2 @ win11:

Looks good to me on gpg4win-5.0.2-beta2 @ win11:

Possibly, it was the same cause as T8052 (the bug in libgpg-error spawning a process).

I looked at sm/keydb.c:keydb_set_ephemeral function. It says:

How did you configure? If possible, please show us the configure options when you built.
Did it work in older version(s) of libgpg-error?

Looks good to me on gpg4win-5.0.2-beta2 @ win11:

• first manual gpg -K and gpgsm -K displays the correct output now
• the loop ran without a hang for 50 times

Looks good to me on parallel install of

1. gpg4win-5.0.2-beta2 @ win11
2. vsd-4.0.0-beta1203 @ win11

Looks good to me on gpg4win-5.0.2-beta2 @ win11:

There shouldn't be any RegCreateKey anymore for HKLM\SOFTWARE\<product name>\... or HKCU\SOFTWARE\<product name>\.... And, of course, no registry keys should be created.

The missing signature indication can also be seen now in the customer mails sent via kmail (ted:INBOX, e.g. 18.02. 12:52). This was fine before.

Looks good to me on gpg4win-5.0.2-beta2 @ win11.
Tested import on 5 normal starts and 5 gdb starts.

The basic fix for the msg box looks good to me on gpg4win-5.0.2 (beta) @ win11.
There's only no signature shown anymore, not even for the formerly working case 1.
Note: I also tested those mails sent to an exchange server with the same result as via IMAP.

Looks like the "read config from registry" patch that was upstreamed wasn't tested properly.

It seemed that the reporter (also) claimed that a git repo could be weak/vulnerable when X.509 signature is used to validate the commits.

For the record (to show we don't hide a problem), I add some information.

It should be solved by the upstream (libtool, gnulib, and possibly autoconf/automake). The solution would be refactoring AC_PROG_LD and AC_LIB_PROG_LD factoring out common things like handling use of GNU LD.

Works with Gpg4win-5.0.2-beta2

Fixed.

Here's a full log of a gdb run, which segfaults on start:

full debugview log:

Please always attach the full Debugview log. Sometimes (like here) I really want to know everything that was logged since the start.

Fixed. This regression was caused by changes made for T8056: Support config options RSAKeySizes and PGPKeyType for Kf6.

The reporter informed:
CVE-2025-69913

In T8029#212310, @werner wrote:

My actual plan is to rework the imp[ort/export of secret keys to gpg-agent. Right now gpg-agent has knowledge of OpenPGP for import/export. This is not good and the required conversion should be moved to a helper tools for easier testing and to have this out of the gpg-agent process. For Kyber we right now don't use any conversion mut store the secret keys in gpg-agent's native format. Thus the passphrase is not necessary. We need to figure out why we have this problem here.

This is not "Unbreak now" because we have not released the software yet. Unbreak now should be used for bugs in deployed software but not during development.

Note: This was fine on gpg4win-5.0.1

Regarding some broken "reg create" on some filepath: split into T8141: Kleopatra: Many wrong registry keys created in HKCU\Software\Gpg4Win

I rechecked the keyboxd locking of pubring.db. On crash via gdb the file was unlocked before, so this doesn't seem to be the problem:

Libkleo does not specify the curve in the parameter file becuase keyCurvve:isEmpty is asserted:

Works on the command line and adding a subkey later does also work.

I found that it's not that simple to accept the case of no newline at the end.
Because we need to handle the edge case where no newline occurs at the maximum buffer length, too.
It's something like the following.

This is nothing we want to do in Kleopatra. The "Force" button will be removed shortly even for MDC error.

Also applied to 2.4 branch.

Also applied to 2.4 branch.

Libraries have been fixed (as well as GnuPG itself), so, closing.

The workaround is ready for testing. Kleopatra shouldn't show duplicate LDAP servers in the settings dialog. As a side effect global ldapserver entries should no longer multiply in the local dirmngr.conf each time the LDAP servers are changed, but one copy of the global ldapserver entries is still written to the local dirmngr.conf.

i have added this note to the template, currently updating the repos with new packages:

The fix is only a workaround, the duplicate entries are no longer shown in Kleopatra, they still exist and multiply on save.

One doesn't even need a global config file to reproduce the duplication.

IIRC, support for the keybox fomat was added on Debian's request with 2.1.7 in 2015 to gpgv. In fact gpgv was written on Debian's request (1.0.4 from fall 2000).

IIRC, support for the keybox fomat was added on Debian's request with 2.1.7 in 2015 to gpgv. In fact gpgv was written on Debian's request (1.0.4 from fall 2000).

I guess you need to report this to Debian

I guess you need to report this to Debian as their new sqv tools seems to be broken.