Page MenuHome GnuPG
Feed Advanced Search

Nov 25 2025

gniibe closed T7694: GPGME: gpgme_io_spawn issues, a subtask of T7660: GPGME invocation by cri-o hangs on gpgme_op_verify, as Resolved.
Nov 25 2025, 5:16 AM · golang, gpgme, Bug Report
gniibe closed T7694: GPGME: gpgme_io_spawn issues as Resolved.
Nov 25 2025, 5:16 AM · gpgme, Bug Report
gniibe added a comment to T7894: libgcrypt, scute, gpgrt/argparse, gnupg/dirmngr: Hard-coded /etc.

I examined the code of gnupg_sysconfdir in gnupg/common/homedir.c, if we could factor out things to gpgrt, so that something like gpgrt_fconcat with GPGRT_SYSCONFDIR can be implemented.

Nov 25 2025, 3:10 AM · libgcrypt, scute, gpgrt, Bug Report

Nov 24 2025

werner triaged T7933: Linking error with GPGMEPP on MacOS Tahoe 26.01/GCC 15.2 as Normal priority.
Nov 24 2025, 6:01 PM · C++, gpgme, Bug Report

Nov 23 2025

William added a comment to T7941: gpg: keydb_search_first failed: SQL error.

git checkout gnupg-2.5.14, reverted the commits 46f4cb66125ee34e87e592cc02d38daead3427af and 0cc7759ed5a3890b4e28563a6b5e97f3aa551530, recompiled, and the error message gpg: keydb_search_first failed: SQL error no longer appeared. Also, in /root/.gnupg/public-keys.d/, the two files pubring.db.lock and .#lk0x0000... are present.

Nov 23 2025, 9:26 AM · workaround, gnupg, Bug Report

Nov 21 2025

timegrid closed T7658: Okular: Dirmngr startup timeout on signature validation as Resolved.

Looks good to me on gpg4win-5.0.0-beta413 @ win11.

Nov 21 2025, 6:07 PM · gpd5x (gpd-5.0.0), Bug Report, okular
gniibe added a comment to T7720: w32: Synchronous spawning gpg-agent/dirmngr/keyboxd.

Let me explain about the change rG57affc4e98ab.

Nov 21 2025, 6:44 AM · gnupg, Feature Request, Bug Report
William added a comment to T7941: gpg: keydb_search_first failed: SQL error.

Additionally, in the /root/.gnupg/public-keys.d/ directory, the two files .#lk0x00007fdcb40043b0.b02bef684bbe.5108 and pubring.db.lock are missing.

Nov 21 2025, 5:16 AM · workaround, gnupg, Bug Report

Nov 20 2025

William added a comment to T7941: gpg: keydb_search_first failed: SQL error.

gpg was compiled with the latest version of SQLite3 at the time as its own private library, without linking against the system's libsqlite3.so.

Nov 20 2025, 12:29 PM · workaround, gnupg, Bug Report
werner added a comment to T7941: gpg: keydb_search_first failed: SQL error.

Can you please schek which Sqlite version you have installed? I have not seen this on my system.

Nov 20 2025, 11:25 AM · workaround, gnupg, Bug Report
William added a comment to T7941: gpg: keydb_search_first failed: SQL error.

keyboxd (GnuPG) 2.5.13

gpg -K
cat keyboxd.log

listening on socket '/root/.gnupg/S.keyboxd'
keyboxd (GnuPG) 2.5.13 started
handler 0x7f2eba314640 for fd 9 started
connection from process 4361 (0:0)
(SQL: PRAGMA foreign_keys = ON)
(SQL: CREATE TABLE IF NOT EXISTS config (name  TEXT NOT NULL UNIQUE,value TEXT NOT NULL ))
database version: 1
database created: 2025-11-20 06:11:12
(SQL: CREATE TABLE IF NOT EXISTS pubkey (ubid     BLOB NOT NULL PRIMARY KEY,type  INTEGER NOT NULL,ephemeral INTEGER NOT NULL DEFAULT 0,revoked INTEGER NOT NULL DEFAULT 0,keyblob BLOB NOT NULL))
(SQL: CREATE TABLE IF NOT EXISTS fingerprint (fpr  BLOB NOT NULL PRIMARY KEY,kid  BLOB NOT NULL,keygrip BLOB NOT NULL,subkey INTEGER NOT NULL,ubid BLOB NOT NULL REFERENCES pubkey))
(SQL: CREATE INDEX IF NOT EXISTS fingerprintidx0 on fingerprint (ubid))
(SQL: CREATE INDEX IF NOT EXISTS fingerprintidx1 on fingerprint (fpr))
(SQL: CREATE INDEX IF NOT EXISTS fingerprintidx2 on fingerprint (keygrip))
(SQL: CREATE TABLE IF NOT EXISTS userid (uid  TEXT NOT NULL,addrspec TEXT,type  INTEGER NOT NULL,uidno INTEGER NOT NULL,ubid BLOB NOT NULL REFERENCES pubkey))
(SQL: CREATE INDEX IF NOT EXISTS userididx0 on userid (ubid))
(SQL: CREATE INDEX IF NOT EXISTS userididx1 on userid (uid))
(SQL: CREATE INDEX IF NOT EXISTS userididx3 on userid (addrspec))
(SQL: CREATE TABLE IF NOT EXISTS issuer (sn TEXT NOT NULL,dn TEXT NOT NULL,ubid BLOB NOT NULL REFERENCES pubkey))
(SQL: CREATE INDEX IF NOT EXISTS issueridx1 on issuer (dn))
database '/root/.gnupg/public-keys.d/pubring.db' created
(SQL: SELECT ubid, type, ephemeral, revoked, keyblob FROM pubkey as p WHERE p.type = 1 ORDER by ubid)
(SQL: SELECT ubid, type, ephemeral, revoked, keyblob FROM pubkey as p WHERE p.type = 1 ORDER by ubid)
command 'NEXT' failed: Not found
handler 0x7f2eba314640 for fd 9 terminated
Nov 20 2025, 9:38 AM · workaround, gnupg, Bug Report
werner triaged T7941: gpg: keydb_search_first failed: SQL error as Low priority.

Interesting. What SQlite version are you using? To see the exact reason and you have a copy of the old pubring.db, please add

Nov 20 2025, 8:58 AM · workaround, gnupg, Bug Report
William created T7941: gpg: keydb_search_first failed: SQL error.
Nov 20 2025, 7:36 AM · workaround, gnupg, Bug Report
gniibe changed the status of T7720: w32: Synchronous spawning gpg-agent/dirmngr/keyboxd, a subtask of T7716: gpgrt:w32: Synchronous spawning detached process, with standard input and standard error, from Open to Testing.
Nov 20 2025, 7:07 AM · gpgrt, Feature Request, Bug Report
gniibe changed the status of T7720: w32: Synchronous spawning gpg-agent/dirmngr/keyboxd from Open to Testing.

Applied the change to master: rG57affc4e98ab: common,agent,dirmngr,kbx:w32: Synchronous spawning daemon process.

Nov 20 2025, 7:07 AM · gnupg, Feature Request, Bug Report
gniibe closed T7716: gpgrt:w32: Synchronous spawning detached process, with standard input and standard error as Resolved.
Nov 20 2025, 7:06 AM · gpgrt, Feature Request, Bug Report
gniibe changed the status of T7629: gcc 15 warns about -Wunterminated-string-initialization in gnupg from Open to Testing.

I applied a change with GPGRT_ATTR_NONSTRING to master, since 2.6 branch now requires newere gpgrt.
Fix is rGcad79e542d85: agent,common,dirmngr,tests: Silence warnings of a compiler.

Nov 20 2025, 7:04 AM · gnupg, Bug Report
gniibe added a comment to T7716: gpgrt:w32: Synchronous spawning detached process, with standard input and standard error.

For GnuPG, applied the change to master: rG57affc4e98ab: common,agent,dirmngr,kbx:w32: Synchronous spawning daemon process.

Nov 20 2025, 7:00 AM · gpgrt, Feature Request, Bug Report
gniibe changed the status of T7909: Other bugs reported by 49016 et al. from Open to Testing.

t-stringhelp change was pushed by rG8a95e963d53a: common: Fix the test of t-stringhelp.
For int-truncation, I pushed the change rGbcd87ea2b2da: misc: Validate the value on the use of strtol.

Nov 20 2025, 6:33 AM · gnupg, g10code, Bug Report
gniibe changed the status of T7909: Other bugs reported by 49016 et al., a subtask of T7900: Cleartext Signature Forgery in GnuPG, from Open to Testing.
Nov 20 2025, 6:33 AM · Not A Bug, OpenBSD, gnupg

Nov 19 2025

werner changed the status of T7904: GnuPG may downgrade digest algorithm to SHA1, a subtask of T7900: Cleartext Signature Forgery in GnuPG, from Open to Testing.
Nov 19 2025, 5:53 PM · Not A Bug, OpenBSD, gnupg
werner changed the status of T7904: GnuPG may downgrade digest algorithm to SHA1 from Open to Testing.
Nov 19 2025, 5:53 PM · gnupg, Bug Report
werner added projects to T7933: Linking error with GPGMEPP on MacOS Tahoe 26.01/GCC 15.2: gpgme, C++.
Nov 19 2025, 5:51 PM · C++, gpgme, Bug Report
werner updated the task description for T7900: Cleartext Signature Forgery in GnuPG.
Nov 19 2025, 5:49 PM · Not A Bug, OpenBSD, gnupg
werner updated the task description for T7906: Memory Corruption in ASCII-Armor Parsing.
Nov 19 2025, 5:49 PM · gnupg, Bug Report
werner moved T7892: keyboxd: subkey listing issue with ADSKs from WIP to QA on the gnupg26 board.
Nov 19 2025, 5:44 PM · gnupg26, Bug Report, keyboxd, gnupg
werner changed the status of T7908: GnuPG Accepts Path Separators and Path Traversals in Literal Data "Filename" Field, a subtask of T7900: Cleartext Signature Forgery in GnuPG, from Open to Testing.
Nov 19 2025, 5:43 PM · Not A Bug, OpenBSD, gnupg
werner changed the status of T7908: GnuPG Accepts Path Separators and Path Traversals in Literal Data "Filename" Field from Open to Testing.
Nov 19 2025, 5:43 PM · gnupg, Bug Report
werner closed T7882: `rsa-sha2` signature values are improperly truncated as Resolved.
Nov 19 2025, 5:42 PM · ssh, gpgagent, Bug Report
werner changed the status of T7906: Memory Corruption in ASCII-Armor Parsing, a subtask of T7900: Cleartext Signature Forgery in GnuPG, from Open to Testing.
Nov 19 2025, 5:38 PM · Not A Bug, OpenBSD, gnupg
werner changed the status of T7906: Memory Corruption in ASCII-Armor Parsing from Open to Testing.
Nov 19 2025, 5:38 PM · gnupg, Bug Report
werner shifted T7906: Memory Corruption in ASCII-Armor Parsing from the Restricted Space space to the S1 Public space.
Nov 19 2025, 5:38 PM · gnupg, Bug Report
werner added a comment to T7908: GnuPG Accepts Path Separators and Path Traversals in Literal Data "Filename" Field.

The problem is that a user may unintentionally use the suggested filename without checking that it does not harm to write to this file. It is better not to present a default name at all.

Nov 19 2025, 4:08 PM · gnupg, Bug Report
gniibe changed the status of T7631: Building libassuan on AIX warns about missing function declarations. from Open to Testing.
Nov 19 2025, 6:13 AM · AIX, libassuan, Bug Report

Nov 18 2025

werner changed the status of T7892: keyboxd: subkey listing issue with ADSKs from Open to Testing.
Nov 18 2025, 5:29 PM · gnupg26, Bug Report, keyboxd, gnupg
gniibe changed the status of T7658: Okular: Dirmngr startup timeout on signature validation from Open to Testing.

I believe this bug was fixed by T7829. Please confirm with new gpgwin-5.0.0-beta.

Nov 18 2025, 1:04 AM · gpd5x (gpd-5.0.0), Bug Report, okular

Nov 17 2025

ebo removed a project from T7476: Kleopatra crashes when decrypting file that was only encrypted for a hidden recipient: Restricted Project.
Nov 17 2025, 2:17 PM · gpd5x (gpd-5.0.0), vsd33 (vsd-3.3.0), kleopatra, Bug Report
ebo moved T7476: Kleopatra crashes when decrypting file that was only encrypted for a hidden recipient from WIP to Done on the gpd5x board.

works with Gpg4win-5.0.0-beta395, too

Nov 17 2025, 2:17 PM · gpd5x (gpd-5.0.0), vsd33 (vsd-3.3.0), kleopatra, Bug Report
ebo added a project to T7892: keyboxd: subkey listing issue with ADSKs: gnupg26.
Nov 17 2025, 12:09 PM · gnupg26, Bug Report, keyboxd, gnupg
rjhansen added a comment to T7933: Linking error with GPGMEPP on MacOS Tahoe 26.01/GCC 15.2.
g++-15 foo.cc `pkg-config --cflags --libs gpgmepp` -o foo -O2 -Wall --std=c++23
Nov 17 2025, 10:34 AM · C++, gpgme, Bug Report
ikloecker added a comment to T7933: Linking error with GPGMEPP on MacOS Tahoe 26.01/GCC 15.2.

Please show the command line of the linker.

Nov 17 2025, 9:33 AM · C++, gpgme, Bug Report
ebo moved T6856: GpgOL is reported as slowing down the start of Outlook from Backlog to Done on the gpgol board.
Nov 17 2025, 9:02 AM · vsd32 (vsd-3.2.0), gpgol, Bug Report, gpg4win
ebo moved T6646: GpgOL: signature not displayed if mail is saved in the filesystem from Backlog to Done on the gpgol board.
Nov 17 2025, 9:00 AM · vsd33 (vsd-3.3.1), Restricted Project, Bug Report, gpgol

Nov 16 2025

rjhansen created T7933: Linking error with GPGMEPP on MacOS Tahoe 26.01/GCC 15.2.
Nov 16 2025, 9:31 PM · C++, gpgme, Bug Report

Nov 14 2025

pmgdeb added a comment to T7919: gpgme: Treat empty DISPLAY variable as unset or error out.

Great, thanks!

Nov 14 2025, 1:42 PM · gpgme, Bug Report
werner updated the task description for T7900: Cleartext Signature Forgery in GnuPG.
Nov 14 2025, 1:27 PM · Not A Bug, OpenBSD, gnupg
werner changed the status of T7919: gpgme: Treat empty DISPLAY variable as unset or error out from Open to Testing.
Nov 14 2025, 1:26 PM · gpgme, Bug Report
werner triaged T7919: gpgme: Treat empty DISPLAY variable as unset or error out as Normal priority.
Nov 14 2025, 1:19 PM · gpgme, Bug Report
werner added a project to T7919: gpgme: Treat empty DISPLAY variable as unset or error out: gpgme.

I considered to make the --display argument optional but that still leads to the error. Thus better do not set or send it at all. I did this now for all gpgme engines.

Nov 14 2025, 1:19 PM · gpgme, Bug Report
pmgdeb renamed T7919: gpgme: Treat empty DISPLAY variable as unset or error out from Treat empty DISPLAY variable as unset or error out to gpgme: Treat empty DISPLAY variable as unset or error out.
Nov 14 2025, 12:40 PM · gpgme, Bug Report
pmgdeb created T7919: gpgme: Treat empty DISPLAY variable as unset or error out.
Nov 14 2025, 12:23 PM · gpgme, Bug Report

Nov 13 2025

ebo closed T7443: Kleopatra: Unexpected key filter selected in "Imported Certificates" tab as Resolved.
Nov 13 2025, 3:37 PM · gpd5x (gpd-5.0.0), kleopatra, Bug Report
ebo closed T7741: Kleopatra: Crash when opening audit log from certificate import result dialog as Resolved.
Nov 13 2025, 3:25 PM · gpd5x (gpd-5.0.0), kleopatra, Bug Report
ebo removed a project from T7871: GpgOL: Msg export of mails with long subjects broken: gpd5x.
Nov 13 2025, 11:05 AM · Bug Report, gpgol

Nov 12 2025

gniibe added a comment to T7894: libgcrypt, scute, gpgrt/argparse, gnupg/dirmngr: Hard-coded /etc.

I checked the code under gnupg/dirmngr. Those are no harm.

Nov 12 2025, 6:31 AM · libgcrypt, scute, gpgrt, Bug Report

Nov 11 2025

ebo moved T7722: GpgOL: Temp filename creation fails to choose proper extension from WIP to Done on the gpgol board.
Nov 11 2025, 12:59 PM · gpd5x (gpd-5.0.0), vsd33 (vsd-3.3.3), Bug Report, gpgol
werner triaged T7902: OpenPGP Cleartext Signature Framework as Normal priority.

There are a lot of other ways to confuse the user. We can't fix them all because the whole purpose of a cleartext signature is to make it easy to use in legacy environments like an BBS. Modern systems use MIME to handle this in a more stringent specified way. For any use it is stongly suggested to check the actual signed data which is avaialable with the --output options. At least a sanitizing viewer should be used which filters out all escape characters (something like cat -v |less).

Nov 11 2025, 10:02 AM · Not A Bug, OpenPGP, FAQ, gnupg
werner closed T7905: Radix64 Line-Truncation Enabling Polyglot Attacks, a subtask of T7900: Cleartext Signature Forgery in GnuPG, as Resolved.
Nov 11 2025, 9:53 AM · Not A Bug, OpenBSD, gnupg
werner closed T7905: Radix64 Line-Truncation Enabling Polyglot Attacks as Resolved.

We have seen wrong encodings quite often in the past and thus we won't apply the patch. After all the armor header is a different layer and could also be applied or removed by other software or tools. The integrity of an OpenPGP message does not depend on its concrete outer encoding.

Nov 11 2025, 9:53 AM · gnupg, g10code, Bug Report
gniibe added a comment to T7905: Radix64 Line-Truncation Enabling Polyglot Attacks.

For someone who considers the rejection is the requirement of the spec., here is a change:

Nov 11 2025, 7:00 AM · gnupg, g10code, Bug Report
gniibe updated the task description for T7905: Radix64 Line-Truncation Enabling Polyglot Attacks.
Nov 11 2025, 6:59 AM · gnupg, g10code, Bug Report
gniibe added a comment to T7902: OpenPGP Cleartext Signature Framework.

Here is a revised patch (hopefully the last one):

Nov 11 2025, 6:37 AM · Not A Bug, OpenPGP, FAQ, gnupg

Nov 6 2025

gniibe added a comment to T7633: libgcrypt fails to build on NetBSD due to the systems bswap32 macro defintion..

Applied to 1.11 branch.

Nov 6 2025, 2:33 AM · NetBSD, libgcrypt, Bug Report
gniibe added projects to T7882: `rsa-sha2` signature values are improperly truncated : gpgagent, ssh.
Nov 6 2025, 2:07 AM · ssh, gpgagent, Bug Report

Nov 5 2025

werner added a comment to T7894: libgcrypt, scute, gpgrt/argparse, gnupg/dirmngr: Hard-coded /etc.

I think this is correct even on Unix in case someone really uses /usr/local/etc (which I consider problematic). But for Windows we need to determine this at runtime.

Nov 5 2025, 3:49 PM · libgcrypt, scute, gpgrt, Bug Report
gniibe added a comment to T7894: libgcrypt, scute, gpgrt/argparse, gnupg/dirmngr: Hard-coded /etc.

For gpgrt/argparse this could be an option (to remove hard-coded /etc):

Nov 5 2025, 7:44 AM · libgcrypt, scute, gpgrt, Bug Report
gniibe added a comment to T7902: OpenPGP Cleartext Signature Framework.

Here is a patch (revised since the email of mine):

Nov 5 2025, 6:26 AM · Not A Bug, OpenPGP, FAQ, gnupg
gniibe claimed T7909: Other bugs reported by 49016 et al..
Nov 5 2025, 6:11 AM · gnupg, g10code, Bug Report
gniibe added a comment to T7909: Other bugs reported by 49016 et al..

For t-stringhelp.c, here is a fix.

Nov 5 2025, 6:11 AM · gnupg, g10code, Bug Report
gniibe added a comment to T7909: Other bugs reported by 49016 et al..

For

openpgp_oid_from_str has a wrong memory-safety assumption

Nov 5 2025, 6:00 AM · gnupg, g10code, Bug Report
gniibe added a comment to T7909: Other bugs reported by 49016 et al..

For Integer Overflow in literals_seen, I think that the claim is wrong.
When literals_seen becomes two, GnuPG stops processing to return an error.
It's not possible for GnuPG to keep processing.

Nov 5 2025, 3:51 AM · gnupg, g10code, Bug Report
gniibe added a comment to T7909: Other bugs reported by 49016 et al..

For Integer Truncation of Arguments report, since the int value is limited to one-octet value, we could add check for the length of input when we use strtol.

Nov 5 2025, 3:30 AM · gnupg, g10code, Bug Report

Nov 4 2025

werner triaged T7904: GnuPG may downgrade digest algorithm to SHA1 as High priority.
Nov 4 2025, 1:26 PM · gnupg, Bug Report
werner added a comment to T7903: Multiple Plaintext Attack on Detached PGP Signatures in GnuPG.

We have fixed it but the commit also states:

Nov 4 2025, 1:25 PM · Not A Bug, OpenPGP, gnupg
werner claimed T7901: Cleartext Signature Forgery in NotDashEscaped header implementation in GnuPG.

I agree because the original purpose from the 90ies to enable the use of signed patch files in the Linux kernel community was never actually used and GnuPG stopped the distribution of patches from version to version many years ago. Thus I agree we should hide this option behind a compatibility flag.

Nov 4 2025, 1:22 PM · gnupg, Bug Report
gniibe updated the task description for T7909: Other bugs reported by 49016 et al..
Nov 4 2025, 7:32 AM · gnupg, g10code, Bug Report
gniibe created T7909: Other bugs reported by 49016 et al..
Nov 4 2025, 7:18 AM · gnupg, g10code, Bug Report
gniibe added a comment to T7908: GnuPG Accepts Path Separators and Path Traversals in Literal Data "Filename" Field.

Added a compatibility flag in: rGad0c6c33c3d6: gpg: Do not use a default when asking for another output filename.

Nov 4 2025, 7:08 AM · gnupg, Bug Report
gniibe created T7908: GnuPG Accepts Path Separators and Path Traversals in Literal Data "Filename" Field.
Nov 4 2025, 7:07 AM · gnupg, Bug Report
gniibe created T7907: Encrypted Message Malleability Checks are Incorrectly Enforced Causing Plaintext Recovery Attacks.
Nov 4 2025, 7:01 AM · Not A Bug, gnupg
gniibe added a comment to T7906: Memory Corruption in ASCII-Armor Parsing.

Fixed in rG115d138ba599: gpg: Fix possible memory corruption in the armor parser.

Nov 4 2025, 6:57 AM · gnupg, Bug Report
gniibe created T7906: Memory Corruption in ASCII-Armor Parsing.
Nov 4 2025, 6:56 AM · gnupg, Bug Report
gniibe created T7905: Radix64 Line-Truncation Enabling Polyglot Attacks.
Nov 4 2025, 6:50 AM · gnupg, g10code, Bug Report
gniibe added a comment to T7904: GnuPG may downgrade digest algorithm to SHA1.

Fixed in rGdb9705ef594d: gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures.

Nov 4 2025, 6:46 AM · gnupg, Bug Report
gniibe created T7904: GnuPG may downgrade digest algorithm to SHA1.
Nov 4 2025, 6:45 AM · gnupg, Bug Report
gniibe added a comment to T7903: Multiple Plaintext Attack on Detached PGP Signatures in GnuPG.

Fixed in rG8abc320f2a75: gpg: Error out on unverified output for non-detached signatures.

Nov 4 2025, 6:43 AM · Not A Bug, OpenPGP, gnupg
gniibe created T7903: Multiple Plaintext Attack on Detached PGP Signatures in GnuPG.
Nov 4 2025, 6:41 AM · Not A Bug, OpenPGP, gnupg
gniibe added a comment to T7901: Cleartext Signature Forgery in NotDashEscaped header implementation in GnuPG.

This feature should be only enabled with a compatibility flag.

Nov 4 2025, 6:28 AM · gnupg, Bug Report
gniibe added a comment to T7902: OpenPGP Cleartext Signature Framework.

Mitigation would be: adding context validation in add_onepass_sig function, which checks WHAT of armored input.

Nov 4 2025, 6:27 AM · Not A Bug, OpenPGP, FAQ, gnupg
gniibe created T7902: OpenPGP Cleartext Signature Framework.
Nov 4 2025, 6:25 AM · Not A Bug, OpenPGP, FAQ, gnupg
gniibe created T7901: Cleartext Signature Forgery in NotDashEscaped header implementation in GnuPG.
Nov 4 2025, 6:13 AM · gnupg, Bug Report
gniibe shifted T7900: Cleartext Signature Forgery in GnuPG from the S1 Public space to the Restricted Space space.
Nov 4 2025, 6:07 AM · Not A Bug, OpenBSD, gnupg
gniibe created T7900: Cleartext Signature Forgery in GnuPG.
Nov 4 2025, 6:07 AM · Not A Bug, OpenBSD, gnupg
gniibe changed the status of T7882: `rsa-sha2` signature values are improperly truncated from Open to Testing.

Pushed the revised change to master.

Nov 4 2025, 5:56 AM · ssh, gpgagent, Bug Report

Nov 3 2025

werner triaged T7894: libgcrypt, scute, gpgrt/argparse, gnupg/dirmngr: Hard-coded /etc as Normal priority.
Nov 3 2025, 4:47 PM · libgcrypt, scute, gpgrt, Bug Report
werner added a comment to T7894: libgcrypt, scute, gpgrt/argparse, gnupg/dirmngr: Hard-coded /etc.

For argparse we use /etc as a default but applications may use gpgrt_set_confdir to set a different one. Howeever if we already have a new get_sysconfdir function, it is easy and useful to change the default on Unix.

Nov 3 2025, 3:29 PM · libgcrypt, scute, gpgrt, Bug Report
werner added a comment to T7894: libgcrypt, scute, gpgrt/argparse, gnupg/dirmngr: Hard-coded /etc.

In GnuPG we use CSIDL_COMMON_APPDATA and append "\GNU\etc\gnupg". If this can't be found we use the rootdir, that is he installation directory of the binary or one up if installed below a bin directory. The reason for using GNU and not POSIX or Unix is merely to avoid name clashes with other software ported to Windows. There was no real standard for this on Windows.

Nov 3 2025, 3:27 PM · libgcrypt, scute, gpgrt, Bug Report
werner added a comment to T7894: libgcrypt, scute, gpgrt/argparse, gnupg/dirmngr: Hard-coded /etc.

We already did this for Libgcrypt 1.8 but take care that an installer includig Libgcrypt should run something like

Nov 3 2025, 3:05 PM · libgcrypt, scute, gpgrt, Bug Report
werner renamed T7892: keyboxd: subkey listing issue with ADSKs from keyboxd: subkey issue connected to ADSK to keyboxd: a new subkey is sometimes not stored in the fingerprint table..
Nov 3 2025, 9:54 AM · gnupg26, Bug Report, keyboxd, gnupg
werner triaged T7892: keyboxd: subkey listing issue with ADSKs as High priority.

It is not an ADSK issue. The problem is that the new subkey has not been entered into the fingerprint table and can thus not be found.

Nov 3 2025, 9:52 AM · gnupg26, Bug Report, keyboxd, gnupg