- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Jun 10 2018
Jun 9 2018
So we had two releases with the fist. Can we set this bug to resolved?
I've heard no critique of the logic above. could we get this fix landed? it is concretely useful for doing key generation on modern GNU/Linux systems.
Jun 8 2018
fwiw, i agree that if there's any security vulnerability here, it is in the verification side, not the creation side.
I was not aware that you could do this at all. You are right in that to start supporting this we first need to update libksba.
Unfortunately 2.2.8 does not build with older libgpg-error versions. Commit rG18274db32b5dea7fe8db67043a787578c975de4d should fix this.
Apologies for the delay, been working on GSoC stuff.
Here's what I've got as of right now:
2.2.8. with a fix has been released. Announcement
Yep. ?
[Better use the gnupg tag. Specific versions end up on the workboard and there may only be one.]
@dkg can you please take this up with Debian and other distros? See the commit for a brief description.
Fixed in 1.4, 2.2 and master. New releases will be done soon. Note that there is no need for a new gpg4win release because GPGME is not affected.
Okay. Thanks for looking into this.
In the meantime, I upgraded my Fedora installation so I won't be able to reproduce in the same circumstances. I suggest we close the issue for now. I will reopen if I manage to reproduce.
I tried this with the current 2.2 branch and master and was not able to replicate it. The stubs are all deleted as expected. I also checked the commit log since 2.2.6 and didn't found anything which indicated that such a bug was fixed.
Jun 7 2018
See rG26bce2f01d2029ea2b8a8dbbe36118e3c83c5cba for a description of the problem and its fix.
Thanks for reporting.
Jun 6 2018
Hi Werner,
The issue is the following:
I have 2 certificates in the trusted-certificates folder that is searched by gpgsm (C:\ProgramData\Gnu\etc\gnupg\trusted-certs) which I want to trust. When dirmngr starts, it reads the Windows trusted certifcate store (certlm.msc for both system and user - I don't know the path / location of the windows certificates folder outside certlm) and builds the list of certificates to use. Once this list is read and if any duplicates are found in the trusted-certificate folder, it ignores them - they are already present.
Thanks. I added all standard names to that list.
I do not fully understand your problem. Can you please explain it with an example and also state the full file names of the mentioned folders?
With recent versions of gpg you will now get Bad Data etc. This is implemented by giving an ERROR status line a higher precedence than the NO_SECKEY status.
BTW, you now need to use --rfc2440 to create a non-mdc message for testing.
Better?