Problem noted in T7166
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
May 19 2025
May 19 2025
• werner closed T7647: cipher/simd-common-riscv.h missing from libgcrypt 1.11.1 tarball as Resolved.
Noet that one file is missing in the released tarball; when building for RISC-V please see T7647#201164
• werner added a comment to T7647: cipher/simd-common-riscv.h missing from libgcrypt 1.11.1 tarball.
Patch applied.
• ebo moved T6584: Kleopatra / Gpgtar: Cancel on encrypt leaves a broken archive behind from Restricted Project Column to Restricted Project Column on the Restricted Project board.
• ebo moved T6793: Cleanup temporary files / dirs with decrypted content from Restricted Project Column to Restricted Project Column on the Restricted Project board.
• ebo moved T6907: gpgme: Explicitly tell gpg that we want to verify signed data from Restricted Project Column to Restricted Project Column on the Restricted Project board.
• ebo moved T6917: Kleopatra: write error when decrypting to network drive from Restricted Project Column to Restricted Project Column on the Restricted Project board.
• ebo moved T6926: No tray icon for Kleopatra in dark mode on Windows. from Restricted Project Column to Restricted Project Column on the Restricted Project board.
• ebo moved T6095: Kleopatra: Fix accessibility of group configuration from Restricted Project Column to Restricted Project Column on the Restricted Project board.
• ebo moved T7021: Kleopatra: restart gpg-agent after stopping it from Restricted Project Column to Restricted Project Column on the Restricted Project board.
• ebo moved T7051: Kleopatra: Defunct processes when Kleopatra is running with elevated privileges from Restricted Project Column to Restricted Project Column on the Restricted Project board.
• ebo moved T6688: Kleopatra GPGME: Reported assert on exit from Restricted Project Column to Restricted Project Column on the Restricted Project board.
• ebo moved T7045: Kleopatra: Use "SCD DEVINFO --watch" also on Windows from Restricted Project Column to Restricted Project Column on the Restricted Project board.
• ebo moved T7204: Kleopatra: Remove Option "Show tags attached to certificates" from Restricted Project Column to Restricted Project Column on the Restricted Project board.
• ebo moved T7272: Kleopatra: Look up missing OpenPGP certificates for card keys from Restricted Project Column to Restricted Project Column on the Restricted Project board.
• ebo moved T7297: Kleopatra: Improve support for V5 fingerprints from Restricted Project Column to Restricted Project Column on the Restricted Project board.
• ebo moved T7489: Kleopatra: missing translations in kf5 from Restricted Project Column to Restricted Project Column on the Restricted Project board.
• ebo moved T7525: gpg4win: Add support for Wayland to the Qt5-based AppImage from Restricted Project Column to Restricted Project Column on the Restricted Project board.
gpg: Use the KEM API for ECC encryption.
Looking the FIPS 204 document, using the following functions (API) is good:
l10n daemon script <scripty@kde.org> committed rKLEOPATRAfd43796728bc: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
• gniibe renamed T7649: gnupg: Use KEM interface for encryption/decryption from gnupg: Use KEM interface for decryption to gnupg: Use KEM interface for encryption/decryption.
May 18 2025
May 18 2025
l10n daemon script <scripty@kde.org> committed rKLEOPATRA675cff6e38fe: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
l10n daemon script <scripty@kde.org> committed rMTPb5b9105072d9: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
l10n daemon script <scripty@kde.org> committed rKLEOPATRA30eabd76f72b: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
May 17 2025
May 17 2025
collinfunk added a comment to T7647: cipher/simd-common-riscv.h missing from libgcrypt 1.11.1 tarball.
I can confirm this. Here is the build error:
make[2]: Entering directory '/home/collinfunk/libgcrypt-1.11.1/cipher'
`echo /bin/bash ../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -I.. -I../src -I../src -I../mpi -I../mpi -I/home/collinfunk/tmp/include -g -O2 -fvisibility=hidden -fno-delete-null-pointer-checks -Wall -O2 -march=rv64imafdcv -mstrict-align -c rijndael-vp-riscv.c | sed -e 's/-fsanitize[=,\-][=,a-z,A-Z,0-9,\,,\-]*//g' -e 's/-fprofile[=,\-][=,a-z,A-Z,0-9,\,,\-]*//g' -e 's/-fcoverage[=,\-][=,a-z,A-Z,0-9,\,,\-]*//g' `
libtool: compile: gcc -DHAVE_CONFIG_H -I. -I.. -I../src -I../src -I../mpi -I../mpi -I/home/collinfunk/tmp/include -g -O2 -fvisibility=hidden -fno-delete-null-pointer-checks -Wall -O2 -march=rv64imafdcv -mstrict-align -c rijndael-vp-riscv.c -fPIC -DPIC -o .libs/rijndael-vp-riscv.o
rijndael-vp-riscv.c:58:10: fatal error: simd-common-riscv.h: No such file or directory
58 | #include "simd-common-riscv.h"
| ^~~~~~~~~~~~~~~~~~~~~
compilation terminated.
make[2]: *** [Makefile:1730: rijndael-vp-riscv.lo] Error 1Patch here: https://lists.gnupg.org/pipermail/gcrypt-devel/2025-May/005854.html
l10n daemon script <scripty@kde.org> committed rMTP7f65aae26576: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
l10n daemon script <scripty@kde.org> committed rKLEOPATRAeff566397e25: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
l10n daemon script <scripty@kde.org> committed rMTP034f08709d92: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
l10n daemon script <scripty@kde.org> committed rKLEOPATRA62058f59ad60: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
May 16 2025
May 16 2025
timegrid updated the task description for T7658: Okular: Dirmngr startup timeout on signature validation.
timegrid updated the task description for T7658: Okular: Dirmngr startup timeout on signature validation.
In T5993#201111, @werner wrote:For example Poppler uses GnuPG comment packets to lower its own attack surface by leaving all OpenPGP handling to gpg. The patch (or at least the version we noticed in Fedora and Debian) entirely breaks this use.
(The commits had a wrong bug it in their message)
• werner committed rG23ccad05c680: gpg: Do not allow compressed key packets on import. (authored by • werner).
gpg: Do not allow compressed key packets on import.
• werner committed rG8e529f922194: gpg: Do not allow compressed key packets on import. (authored by • werner).
gpg: Do not allow compressed key packets on import.
• werner committed rG645cf7d8fc25: Revert "w32: On socket nonce mismatch close the socket." (authored by • werner).
Revert "w32: On socket nonce mismatch close the socket."
gpg: Remove unused variable.
Rework networking
Fix typo
It might be useful to have samples of compressed keys:
• werner committed rEcda4789a9f7d: Time for a new error code; this time GPG_ERR_UNEXPECTED_PACKET (authored by • werner).
Time for a new error code; this time GPG_ERR_UNEXPECTED_PACKET
Apparently KMessageBoxes do actually wrap, just at a larger width than we'd have expected. Lowering this width should be a trivial patch that we could do locally, if we want to
No, we can't do much about this. It has always been easy to create compression bombs and the more relevant thing here is compressed signed or encrypted data. Or just compressed mails. The patch by @DemiMarie is way to complicated for what it wants to achieve and actually breaks existing use cases. For example Poppler uses GnuPG comment packets to lower its own attack surface by leaving all OpenPGP handling to gpg. The patch (or at least the version we noticed in Fedora and Debian) entirely breaks this use.
Generate manifest.xml at runtime
Reencrypt in a seperate folder
Display name of folder to reencrypt
CarlSchwan committed rOJd668b9750efb: reencryption: Display logs and reencryption state in a dialog (authored by CarlSchwan).
reencryption: Display logs and reencryption state in a dialog
• gniibe committed rG40cfa71281db: common: Add KEM constants for NIST curves. (authored by • gniibe).
common: Add KEM constants for NIST curves.
l10n daemon script <scripty@kde.org> committed rKLEOPATRAa88aff617ab1: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
l10n daemon script <scripty@kde.org> committed rMTP9a5f0d29218e: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
l10n daemon script <scripty@kde.org> committed rLIBKLEO00921c0a63e9: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
l10n daemon script <scripty@kde.org> committed rKLEOPATRA67a3d0167d91: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
May 15 2025
May 15 2025
• werner added a comment to T7634: libgcrypt's test t-thread-local fails to link on some platforms..
Also pushed to 1.11
swdb: gpgol 2.6.1
Post release updates
Release 2.6.1
Handle filtered READ events
Handle non mail items in inbox events
• ebo renamed T7655: Kleopatra: show a progress window when updating a certificate from Kleopatra: show a progress window when update a certificate to Kleopatra: show a progress window when updating a certificate.
• ebo renamed T7655: Kleopatra: show a progress window when updating a certificate from Kleopatra: Trying to update a certificate takes too much time if there is no network to Kleopatra: show a progress window when update a certificate.
Hej thinks that she would expect the dialog to show which certificates were uploaded.
I think if we want to do that, we should make a new ticket for it. Here we wanted the easy quick fix.
• TobiasFella changed the status of T7495: Kleopatra: Improve success message on keyserver upload from Open to Testing.
This is not really easy to change, since the proposed paths doesn't match QStandardPath
m <meik.michalke@gnupg.com> committed rOJb0eec451de48: updated README.md (authored by m <meik.michalke@gnupg.com>).
updated README.md
Way too complicate and thus has a high risk of regression,
• TobiasFella committed rKLEOPATRA0484fe5985be: Improve success message for key upload (authored by • TobiasFella).
Improve success message for key upload
• TobiasFella changed the status of T7652: Kleopatra: Add plural in verification messages for multiple signatures from Open to Testing.
• TobiasFella committed rKLEOPATRA73ca288b2ef5: Use plural when verifying multiple signatures from the same file (authored by • TobiasFella).
Use plural when verifying multiple signatures from the same file
• TobiasFella committed rKLEOPATRA94bafa83d1fc: Apply 1 suggestion(s) to 1 file(s) (authored by • TobiasFella).
Apply 1 suggestion(s) to 1 file(s)
Use new startCreate overload
• ikloecker committed rGPGMEQT1a063ce9332e: Remove long obsolete feature checks (authored by • ikloecker).
Remove long obsolete feature checks
• ikloecker committed rGPGMEQT3032aee35248: Modernize interface of QuickJob::startCreate and ::startAddSubkey (authored by • ikloecker).
Modernize interface of QuickJob::startCreate and ::startAddSubkey
• ikloecker committed rGPGMEPPee85d38a2f9e: Remove long obsolete feature checking API (authored by • ikloecker).
Remove long obsolete feature checking API
• ikloecker committed rGPGMEPP9200517f23c5: Remove deprecated functions and types (authored by • ikloecker).
Remove deprecated functions and types
• ikloecker committed rGPGMEPPd3559c8abcfe: Add CreationFlags and simplify API of createKey and createSubkey (authored by • ikloecker).
Add CreationFlags and simplify API of createKey and createSubkey
• ikloecker committed rGPGMEPP8b853b09d542: New decrypt flag DecryptListOnly (authored by • ikloecker).
New decrypt flag DecryptListOnly
"Geheimen Team-Schlüssel zum internen Teilen abspeichern." is grammatically correct, but it sound very formal and clunky for a UI tooltip. It lacks clarity, therefore I suggest:
• ikloecker added a comment to T7655: Kleopatra: show a progress window when updating a certificate.
It's pretty much impossible to speed up the situation of unavailable network because network access typically uses long timeouts because networks can be notoriously slow to respond. The only thing we can do is show a progress window so that the users know that Kleopatra is actually doing something.
l10n daemon script <scripty@kde.org> committed rKLEOPATRA107e52b24cf9: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
• gniibe committed rC0bd4c77be6e0: mpi:ec: Least leak with k^(-1) for ECDSA. (authored by • gniibe).
mpi:ec: Least leak with k^(-1) for ECDSA.
• gniibe committed rCaa089ec89bad: mpi:ec: Use ec_mulm_lli in _gcry_mpi_ec_get_affine. (authored by • gniibe).
mpi:ec: Use ec_mulm_lli in _gcry_mpi_ec_get_affine.
• gniibe changed the status of T7648: Decryption to a Ky768_Cv25519 key does not work if the Cv25519 key is on a token from Open to Testing.
• gniibe closed T7621: libgpg-error: __non_string for GCC 15 or later, a subtask of T7617: libgcrypt: Add __nonstring__ attribute for data for GCC 15 or later, as Resolved.
May 14 2025
May 14 2025
• ikloecker committed rKLEOPATRAb1f3736de7ed: Use Error::isError() to check if an error occurred (authored by • ikloecker).
Use Error::isError() to check if an error occurred
• ikloecker committed rKLEOPATRA10b618703d74: Include QGpgME/Debug for QDebug operator for GpgME::Error (authored by • ikloecker).
Include QGpgME/Debug for QDebug operator for GpgME::Error
• ikloecker committed rKLEOPATRAd4f777ffa137: Remove long obsolete feature check (authored by • ikloecker).
Remove long obsolete feature check
Rename packages.common to packages.list
• werner committed rW383eb8586161: Update Okular for gnupg >= 2.4 to the correct version. (authored by • werner).
Update Okular for gnupg >= 2.4 to the correct version.
Merge branch 'gpg4win-5-branch'
Merge branch 'gpg4win-5-branch'
• ebo renamed T7655: Kleopatra: show a progress window when updating a certificate from Kleopatra: Trying to update a certificat takes too much time if there is no network to Kleopatra: Trying to update a certificate takes too much time if there is no network.
• ebo triaged T7655: Kleopatra: show a progress window when updating a certificate as Normal priority.
m.eik renamed T7613: GpgOL/Web shows wrong path to manifest in Gpg4Win from Gpg4Win is missing GpgOL/Web's manifest file to GpgOL/Web shows wrong path to manifest in Gpg4Win.