Page MenuHome GnuPG
Feed Advanced Search

Advanced Search
Use Results
Hide Query

Oct 18 2022

werner added a comment to T6238: regexp for trust signature domain restriction does not work if key only has an e-mail address.

We already detect mail addresses for different purposes and thus it will be easy to enclose them in angle brackets just for comparision.. Almost all trust signatures out there are created by gpg and used to restrict the mail domain. No need for different regexp. See also the comments in the code related to the history.

Oct 18 2022, 8:03 AM · backport, gnupg (gpg22), Bug Report, Restricted Project
werner closed T6230: Release Libksba 1.6.2 (CVE-2022-3515) as Resolved.
Oct 18 2022, 7:52 AM · CVE, Release Info, libksba

Oct 17 2022

werner committed rD85cd5e211ac7: web: Add security advisory (authored by werner).
web: Add security advisory
Oct 17 2022, 3:52 PM
werner closed T6106: Release GnuPG 2.3.8 as Resolved.
Oct 17 2022, 3:04 PM · Release Info, gnupg (gpg23)
werner set External Link to https://lists.gnupg.org/pipermail/gnupg-announce/2022q4/000476.html on T6106: Release GnuPG 2.3.8.
Oct 17 2022, 3:04 PM · Release Info, gnupg (gpg23)
werner added a comment to T6230: Release Libksba 1.6.2 (CVE-2022-3515).

Fixed Gpg4win version: https://lists.wald.intevation.org/pipermail/gpg4win-announce/2022/000098.html

Oct 17 2022, 3:03 PM · CVE, Release Info, libksba
werner committed rW2bd00a3c6fc1: appimage: Typo fix (authored by werner).
appimage: Typo fix
Oct 17 2022, 10:49 AM
werner committed rD3748173afd84: swdb: GnuPG 2.2.40 (authored by werner).
swdb: GnuPG 2.2.40
Oct 17 2022, 9:39 AM
werner committed rD6ec37744ca4e: Security Advisory 6230 (authored by werner).
Security Advisory 6230
Oct 17 2022, 9:39 AM
werner committed rDf9f83f9583aa: Add CVE to the security advisory (authored by werner).
Add CVE to the security advisory
Oct 17 2022, 9:39 AM
werner committed rD4a5133ae6c77: swdb: gpg4win 4.0.4 and gnupgdesk 2.3.8 (authored by werner).
swdb: gpg4win 4.0.4 and gnupgdesk 2.3.8
Oct 17 2022, 9:39 AM
werner committed rDfb5e37e091cc: swdb: GnuPG 2.3.8 (authored by werner).
swdb: GnuPG 2.3.8
Oct 17 2022, 9:39 AM
werner set External Link to https://gnupg.org/blog/20221017-pepe-left-the-ksba.html on T6230: Release Libksba 1.6.2 (CVE-2022-3515).
Oct 17 2022, 9:26 AM · CVE, Release Info, libksba
werner added a comment to T6230: Release Libksba 1.6.2 (CVE-2022-3515).

As usual see https://gnupg.org/download for links to the latest packages. For Gpg4win see https://gpg4win.org

Oct 17 2022, 9:25 AM · CVE, Release Info, libksba
werner reopened T6230: Release Libksba 1.6.2 (CVE-2022-3515) as "Open".
Oct 17 2022, 7:56 AM · CVE, Release Info, libksba
werner renamed T6230: Release Libksba 1.6.2 (CVE-2022-3515) from Release Libksba 1.6.2 to Release Libksba 1.6.2 (CVE-2022-3515).
Oct 17 2022, 7:56 AM · CVE, Release Info, libksba
werner updated the task description for T6230: Release Libksba 1.6.2 (CVE-2022-3515).
Oct 17 2022, 7:46 AM · CVE, Release Info, libksba

Oct 14 2022

werner committed rW36f82ca0ab55: Merge remote-tracking branch 'origin' (authored by werner).
Merge remote-tracking branch 'origin'
Oct 14 2022, 7:34 PM
werner committed rWc79f4e760ba0: Update to GnuPG 2.3.8 (authored by werner).
Update to GnuPG 2.3.8
Oct 14 2022, 7:34 PM
werner committed rW8dff5492a25e: Prepare NEWS for 4.0.4 and post release updates for 3.1.25 (authored by werner).
Prepare NEWS for 4.0.4 and post release updates for 3.1.25
Oct 14 2022, 7:34 PM
werner committed rW8d9dabd90932: Post release updates (authored by werner).
Post release updates
Oct 14 2022, 7:34 PM
werner committed rW1fc993efc6f5: appimage: Fix signature checking of --version option. (authored by werner).
appimage: Fix signature checking of --version option.
Oct 14 2022, 7:34 PM
werner committed rW68b0a1c9eb8e: appimage: Next try to get --keep-socket working (authored by werner).
appimage: Next try to get --keep-socket working
Oct 14 2022, 7:34 PM
werner committed rW1657191fbcb4: doc: Update build instructions in README (authored by werner).
doc: Update build instructions in README
Oct 14 2022, 7:34 PM
werner committed rWad24ce9994d7: appimage: Fix last commit (authored by werner).
appimage: Fix last commit
Oct 14 2022, 7:34 PM
werner committed rW14b7e292167e: Update to GpgOL 2.5.5 (authored by werner).
Update to GpgOL 2.5.5
Oct 14 2022, 7:34 PM
werner committed rW33dd8ef6a1e9: appimage: Add trademark notices. (authored by werner).
appimage: Add trademark notices.
Oct 14 2022, 7:34 PM
werner committed rWd8befe24aa69: appimage: Add new start option --keep-socket (authored by werner).
appimage: Add new start option --keep-socket
Oct 14 2022, 7:34 PM
werner committed rW371f9f768ca1: Fix build problems on systems with automake != 1.15 installed. (authored by werner).
Fix build problems on systems with automake != 1.15 installed.
Oct 14 2022, 7:34 PM
werner committed rWdc9ce44aba8d: doc: Add a comment to the packages file. (authored by werner).
doc: Add a comment to the packages file.
Oct 14 2022, 7:34 PM
werner committed rWa3eabcc37d9f: Add support for dw2 exceptions (authored by aheinecke).
Add support for dw2 exceptions
Oct 14 2022, 7:34 PM
werner committed rW8c38717f2d07: Prepare 3.1.25 (authored by werner).
Prepare 3.1.25
Oct 14 2022, 7:34 PM
werner committed rWd6c4f88ab91f: Update to GnuPG 2.2.40 (authored by werner).
Update to GnuPG 2.2.40
Oct 14 2022, 7:34 PM
werner updated the task description for T6106: Release GnuPG 2.3.8.
Oct 14 2022, 6:02 PM · Release Info, gnupg (gpg23)
werner updated the task description for T6181: Release GnuPG 2.2.40.
Oct 14 2022, 6:01 PM · gnupg (gpg22), Release Info

Oct 13 2022

werner committed rGedf3b8aa53f7: Post release updates (authored by werner).
Post release updates
Oct 13 2022, 6:29 PM
werner committed rG6f12f952dad1: Release 2.3.8 (authored by werner).
Release 2.3.8
Oct 13 2022, 6:29 PM
werner committed rG0bb0450c4ae7: speedo: Fix location of gpg-wks-client (authored by werner).
speedo: Fix location of gpg-wks-client
Oct 13 2022, 6:29 PM
werner committed rG70ec346fb4c8: Post release updates (authored by werner).
Post release updates
Oct 13 2022, 6:00 PM
werner committed rG5df1c247be52: gpg: For de-vs use AES-128 instead of 3DES as implicit preference. (authored by werner).
gpg: For de-vs use AES-128 instead of 3DES as implicit preference.
Oct 13 2022, 6:00 PM
werner committed rG2e9f8a511dc0: Release 2.2.40 (authored by werner).
Release 2.2.40
Oct 13 2022, 6:00 PM
werner committed rG94092793f6a2: sm: Fix reporting of bad passphrase error (authored by ikloecker).
sm: Fix reporting of bad passphrase error
Oct 13 2022, 6:00 PM
werner committed rG21db05100d0a: po: Auto update (authored by werner).
po: Auto update
Oct 13 2022, 6:00 PM
werner committed rG219dce6b33fa: speedo: Fix for a libgpg-error-config regression. (authored by werner).
speedo: Fix for a libgpg-error-config regression.
Oct 13 2022, 3:48 PM
werner committed rG99f2bd250cc8: po: Auto update (authored by werner).
po: Auto update
Oct 13 2022, 3:48 PM
werner committed rG970b250d65fa: po: Update Turkish translation (authored by Emir SARI <emir_sari@icloud.com>).
po: Update Turkish translation
Oct 13 2022, 3:48 PM
werner committed rG55eef71dbed7: wkd: gpg-wks-client --send checks if build with sendmail support (authored by alexk).
wkd: gpg-wks-client --send checks if build with sendmail support
Oct 13 2022, 3:48 PM
werner committed rG8046fcac63db: po: Update Czech translation. (authored by petr_p).
po: Update Czech translation.
Oct 13 2022, 3:48 PM
werner triaged T6238: regexp for trust signature domain restriction does not work if key only has an e-mail address as Normal priority.
Oct 13 2022, 3:34 PM · backport, gnupg (gpg22), Bug Report, Restricted Project
werner added a comment to P16 (An Untitled Masterwork).

$ ping git.gnupg.org
PING git.gnupg.org (217.69.76.56) 56(84) bytes of data.
64 bytes from cvs.gnupg.org (217.69.76.56): icmp_seq=1 ttl=58 time=6.74 ms
64 bytes from cvs.gnupg.org (217.69.76.56): icmp_seq=2 ttl=58 time=6.87 ms

Oct 13 2022, 12:39 PM
werner closed T6237: GPG.exe "write logs to file" fails to produce logs when executable is ran from network location. as Resolved.

You need to assign a drive letter.

Oct 13 2022, 9:11 AM · Bug Report

Oct 12 2022

werner committed rG1383aa475059: agent: Introduce attribute "Remote-list" to KEYINFO. (authored by werner).
agent: Introduce attribute "Remote-list" to KEYINFO.
Oct 12 2022, 11:52 AM

Oct 11 2022

werner committed rD5323955b665a: tools: Let ftp-indexer handle timestamp version numbers. (authored by werner).
tools: Let ftp-indexer handle timestamp version numbers.
Oct 11 2022, 7:26 PM
werner committed rS1ca01c87d2be: Allow the use of a remote connection. (authored by werner).
Allow the use of a remote connection.
Oct 11 2022, 5:30 PM
werner added a comment to T6235: Problem editing Expiration Time.

My suggestion is to clearly state that there is a direct Key Signature with an expiration date. Another feature would be to add a separate command to modify Direct Key Signatures. However, the latter has the problem that it help with proliferation of such signatures and other OpenPGP implementation will run into other problems. Thus for the whole ecosystem such an option is might not be a good idea.

Oct 11 2022, 3:07 PM · gnupg24, Feature Request
werner added a project to T6230: Release Libksba 1.6.2 (CVE-2022-3515): CVE.
Oct 11 2022, 10:43 AM · CVE, Release Info, libksba
werner added a comment to T6235: Problem editing Expiration Time.

Direct key signatures are rarely used. IIRC, we implemented that the same way PGP did it.

Oct 11 2022, 10:28 AM · gnupg24, Feature Request

Oct 10 2022

werner closed T4482: GPG: Error on sign-key with compliance de-vs because of SHA-1 usage, a subtask of T6063: GnuPG: Ignore invalid hash algorithm preferences when signing & encrypting combined, as Resolved.
Oct 10 2022, 11:23 AM · gnupg, Restricted Project
werner closed T4482: GPG: Error on sign-key with compliance de-vs because of SHA-1 usage as Resolved.
Oct 10 2022, 11:23 AM · OpenPGP, gnupg
werner added a subtask for T6063: GnuPG: Ignore invalid hash algorithm preferences when signing & encrypting combined: T4482: GPG: Error on sign-key with compliance de-vs because of SHA-1 usage.
Oct 10 2022, 11:17 AM · gnupg, Restricted Project
werner added a parent task for T4482: GPG: Error on sign-key with compliance de-vs because of SHA-1 usage: T6063: GnuPG: Ignore invalid hash algorithm preferences when signing & encrypting combined.
Oct 10 2022, 11:17 AM · OpenPGP, gnupg
werner triaged T6234: Implement access to smartcards via a generic pkcs#11 interface as Normal priority.
Oct 10 2022, 7:32 AM · Restricted Project, gnupg26, Feature Request, scd

Oct 7 2022

werner changed the status of T6224: Mirror internal LDAP to a WKD from Open to Testing.
Oct 7 2022, 5:46 PM · Restricted Project, Feature Request, gnupg (gpg23)
werner committed rGa946343f1475: wkd: New command --mirror for gpg-wks-client. (authored by werner).
wkd: New command --mirror for gpg-wks-client.
Oct 7 2022, 5:46 PM
werner committed rG88042821d81b: wkd: Restrict gpg-wks-client --mirror to the given domains. (authored by werner).
wkd: Restrict gpg-wks-client --mirror to the given domains.
Oct 7 2022, 5:46 PM
werner committed rGcd020284c9cf: wkd: Implement --blacklist option for gpg-wks-client (authored by werner).
wkd: Implement --blacklist option for gpg-wks-client
Oct 7 2022, 5:46 PM
werner committed rGb18b9b972e2d: wkd: Silence gpg-wks-client diagnostics from gpg. (authored by werner).
wkd: Silence gpg-wks-client diagnostics from gpg.
Oct 7 2022, 5:45 PM
werner committed rG0a151548b623: wkd: Restrict gpg-wks-client --mirror to the given domains. (authored by werner).
wkd: Restrict gpg-wks-client --mirror to the given domains.
Oct 7 2022, 5:36 PM
werner committed rG4364283f757f: wkd: Silence gpg-wks-client diagnostics from gpg. (authored by werner).
wkd: Silence gpg-wks-client diagnostics from gpg.
Oct 7 2022, 5:36 PM
werner committed rG94d13f53a3b4: common: Protect against a theoretical integer overflow in tlv.c (authored by werner).
common: Protect against a theoretical integer overflow in tlv.c
Oct 7 2022, 5:36 PM
werner committed rGb0b4e24c4fa8: wkd: Implement --blacklist option for gpg-wks-client (authored by werner).
wkd: Implement --blacklist option for gpg-wks-client
Oct 7 2022, 5:36 PM
werner committed rGc300253181cf: common: Protect against a theoretical integer overflow in tlv.c (authored by werner).
common: Protect against a theoretical integer overflow in tlv.c
Oct 7 2022, 2:24 PM
werner committed rG2b2f8a1a0ca1: gpg: Show just keyserver and port with --send-keys. (authored by werner).
gpg: Show just keyserver and port with --send-keys.
Oct 7 2022, 2:24 PM
werner committed rG4cf8dc2d968f: dirmngr: Minor fix for baseDN fallback. (authored by werner).
dirmngr: Minor fix for baseDN fallback.
Oct 7 2022, 2:24 PM
werner committed rGa70a3204c24a: dirmngr: Support paged LDAP mode for KS_GET (authored by werner).
dirmngr: Support paged LDAP mode for KS_GET
Oct 7 2022, 2:24 PM
werner committed rG20cb9319d998: dirmngr: New options --first and --next for KS_GET. (authored by werner).
dirmngr: New options --first and --next for KS_GET.
Oct 7 2022, 2:24 PM
werner committed rG98fbac614105: dirmngr: Change interrogate_ldap_dn for better memory semantics. (authored by gniibe).
dirmngr: Change interrogate_ldap_dn for better memory semantics.
Oct 7 2022, 2:24 PM
werner committed rG73cc5e073ce9: dirnmgr: Fix the function prototype. (authored by gniibe).
dirnmgr: Fix the function prototype.
Oct 7 2022, 2:24 PM
werner committed rG5516f92224b6: dirmngr: Interrogate LDAP server when base DN specified. (authored by joeyberkovitz).
dirmngr: Interrogate LDAP server when base DN specified.
Oct 7 2022, 2:24 PM
werner committed rG615c9717c15a: dirmngr: Support gpgMailbox for mode MAILSUB and MAILEND. (authored by werner).
dirmngr: Support gpgMailbox for mode MAILSUB and MAILEND.
Oct 7 2022, 2:24 PM
werner committed rG44960e702ee3: dirmngr: Factor out interrogate_ldap_dn function. (authored by werner).
dirmngr: Factor out interrogate_ldap_dn function.
Oct 7 2022, 2:24 PM
werner committed rGfe7114ebf344: po: Fix wrong LF in the German translation (authored by werner).
po: Fix wrong LF in the German translation
Oct 7 2022, 11:54 AM
werner closed T6136: build failure with slibtool - error: undefined symbol: QGpgME::RevokeKeyJob::staticMetaObject as Resolved.
Oct 7 2022, 11:41 AM · gpgrt, gpgme, Bug Report
werner closed T5683: Deprecation of gpg-error-config as Resolved.
Oct 7 2022, 11:41 AM · gpgrt
werner closed T5912: libgpg-error: Drop WindowsCE support as Resolved.
Oct 7 2022, 11:40 AM · gpgrt
werner closed T5890: EOPNOTSUPP is not defined in mingw.org's MinGW, fails compilation of libgpg-error-1.44 as Resolved.
Oct 7 2022, 11:40 AM · gpgrt, Bug Report
werner closed T5922: libgpg-error: gpgrt_log_get_fd always returns -1 even if it's not tcp/socket., a subtask of T5921: No sharing of log_fd between child process, as Resolved.
Oct 7 2022, 11:39 AM · Bug Report, gnupg (gpg23)
werner closed T5922: libgpg-error: gpgrt_log_get_fd always returns -1 even if it's not tcp/socket. as Resolved.
Oct 7 2022, 11:39 AM · Bug Report, gpgrt
werner committed rEea031873aa96: Release 1.46 (authored by werner).
Release 1.46
Oct 7 2022, 11:39 AM
werner committed rEe08d87f06932: Post release updates (authored by werner).
Post release updates
Oct 7 2022, 11:39 AM
werner closed T6112: libgpg-error,w32: bidirectional Pipe support for estream as Resolved.
Oct 7 2022, 11:39 AM · Windows, gpgrt, Bug Report
werner closed T5923: Release Libgpg-error 1.46 as Resolved.
Oct 7 2022, 11:39 AM · Release Info, gpgrt
werner committed rD4ac00609b0ce: swdb: gpgrt 1.46 (authored by werner).
swdb: gpgrt 1.46
Oct 7 2022, 11:38 AM
werner committed rWdb4da16307ba: packages: Update libksba (authored by werner).
packages: Update libksba
Oct 7 2022, 11:10 AM
werner committed rD3ac196bbc0a8: swdb: Libksba 1.6.2 (authored by werner).
swdb: Libksba 1.6.2
Oct 7 2022, 10:32 AM
werner triaged T6231: Release Libgpg-error 1.47 as Low priority.
Oct 7 2022, 10:23 AM · Release Info, gpgrt
werner closed T6230: Release Libksba 1.6.2 (CVE-2022-3515) as Resolved.
Oct 7 2022, 10:21 AM · CVE, Release Info, libksba
werner committed rK43765244d1dd: Post release updates (authored by werner).
Post release updates
Oct 7 2022, 10:16 AM
werner committed rK29814959fe2b: Release 1.6.2 (authored by werner).
Release 1.6.2
Oct 7 2022, 10:16 AM
werner renamed T6210: Release LibKSBA 1.6.1 from Release Libksba 1.6.1 to Release LibKSBA 1.6.1.
Oct 7 2022, 10:05 AM · Release Info, libksba
First
Prev
Next