Page MenuHome GnuPG
Feed Advanced Search

Advanced Search
Use Results
Hide Query

Fri, Feb 20

werner closed T7071: gpg: Support of No CRC in ASCII armor as Resolved.

Cool. Works for me now.

Fri, Feb 20, 1:37 PM · gnupg, Bug Report
gniibe added a comment to T7071: gpg: Support of No CRC in ASCII armor.

rG62b8bf2f introduced the regression. The intent of the fix was about comparison of -----END , which has nine characters.
But it also added afx->buffer_pos ==1, that affected.

Fri, Feb 20, 6:22 AM · gnupg, Bug Report

Thu, Feb 19

werner reopened T7071: gpg: Support of No CRC in ASCII armor as "Open".

Using --enarmor and removing the checksum I sometimes get

Thu, Feb 19, 5:03 PM · gnupg, Bug Report

Tue, Feb 10

werner triaged T8084: ctype(3) API use as Low priority.
Tue, Feb 10, 11:50 AM · NetBSD, gnupg, Bug Report

Mon, Feb 9

werner added a project to T8084: ctype(3) API use: NetBSD.

AFAICS all conditions are protected by isascii(3) which

Mon, Feb 9, 9:49 AM · NetBSD, gnupg, Bug Report

Wed, Feb 4

wiz added a project to T8084: ctype(3) API use: gnupg.
Wed, Feb 4, 11:18 AM · NetBSD, gnupg, Bug Report

Thu, Jan 29

timegrid added a comment to T6152: Allow giving context to gpg-agent.

Current state in gpg4win-5.0.0:

Thu, Jan 29, 4:09 PM · gnupg26, Feature Request, S/MIME
wiz added a comment to T6275: gnupg26: Improve gnupg_spawn_process function.

It seems this broke the self tests (and gpgme, and notmuch) on NetBSD: https://dev.gnupg.org/T8065

Thu, Jan 29, 2:09 PM · gnupg, libassuan, gpgrt

Tue, Jan 27

werner set External Link to https://lists.gnupg.org/pipermail/gnupg-announce/2026q1/000501.html on T7996: Release GnuPG 2.5.17 (security).
Tue, Jan 27, 5:52 PM · CVE, gnupg, Release Info
werner closed T8055: pinentry-tty: Correct/Cancel/Wrong - what does "C" select? as Resolved.
Tue, Jan 27, 5:17 PM · gnupg, pinentry, Bug Report
werner changed the visibility for T7996: Release GnuPG 2.5.17 (security).
Tue, Jan 27, 5:11 PM · CVE, gnupg, Release Info
werner added a comment to T7996: Release GnuPG 2.5.17 (security).

This is a security update

Tue, Jan 27, 3:47 PM · CVE, gnupg, Release Info
werner renamed T7996: Release GnuPG 2.5.17 (security) from Release GnuPG 2.5.17 to Release GnuPG 2.5.17 (security).
Tue, Jan 27, 3:44 PM · CVE, gnupg, Release Info
ebo moved T7434: Kleopatra: Initial keylisting hangs for ~60 seconds (gpg-agent: Socket ...S.gpg-agent cannot be bound) from Done to gpd-5.0.0 on the gpd5x board.
Tue, Jan 27, 1:58 PM · gpd5x (gpd-5.0.0), gnupg, kleopatra

Sun, Jan 25

mfilippov added a comment to T8047: Support secure memory on Windows.

@werner I added an implementation https://dev.gnupg.org/D622
that matches Linux behavior and avoids the message about secure memory not being supported on Windows. The change is scoped to the pinentry tool and intentionally follows Linux behavior. Does this approach look reasonable to you?

Sun, Jan 25, 9:02 PM · Windows, gnupg, Feature Request
werner changed the status of T8045: Stack-based buffer overflow in TPM2 `PKDECRYPT` from Open to Testing.
Sun, Jan 25, 5:02 PM · gnupg26, CVE, TPM, Bug Report
werner triaged T8055: pinentry-tty: Correct/Cancel/Wrong - what does "C" select? as Low priority.
Sun, Jan 25, 4:38 PM · gnupg, pinentry, Bug Report
werner added a comment to T8055: pinentry-tty: Correct/Cancel/Wrong - what does "C" select?.

I think "O" is a better key:

Sun, Jan 25, 4:37 PM · gnupg, pinentry, Bug Report
werner added a comment to T8055: pinentry-tty: Correct/Cancel/Wrong - what does "C" select?.

We need to change the accelerator. Right now gpg-agent uses

Sun, Jan 25, 4:14 PM · gnupg, pinentry, Bug Report
ametzler1 created T8055: pinentry-tty: Correct/Cancel/Wrong - what does "C" select?.
Sun, Jan 25, 7:47 AM · gnupg, pinentry, Bug Report

Jan 23 2026

werner triaged T8047: Support secure memory on Windows as Low priority.

I don't think that we will implement that any time soon. Today we too often require more mlock-able memory than available and in this case Libgcrypt resorts to allocating new memory arenas which are not locked. This is not as worse as one might think: the majro advantage with secmem is that a free() on secmem allocated memory will also wipe that memory. A better solution has always been to use an encrypted swap/paging file. 25 years ago, it was not easy to configure but today there should be no problem and hopefully already the default.

Jan 23 2026, 9:25 PM · Windows, gnupg, Feature Request
ebo removed a project from T4195: Fix time API in gpgme: Restricted Project.
Jan 23 2026, 3:22 PM · gnupg, kleopatra, gpgme, Feature Request
ebo added a comment to T4195: Fix time API in gpgme.

While key generation works now with an expiry date up to 2106-02-04, the representation on the command line is a bit ugly.

Jan 23 2026, 3:22 PM · gnupg, kleopatra, gpgme, Feature Request

Jan 22 2026

gniibe renamed T8045: Stack-based buffer overflow in TPM2 `PKDECRYPT` from Security (internal) - Stack-based buffer overflow in TPM2 `PKDECRYPT` to Stack-based buffer overflow in TPM2 `PKDECRYPT`.
Jan 22 2026, 12:33 AM · gnupg26, CVE, TPM, Bug Report

Jan 21 2026

werner shifted T8045: Stack-based buffer overflow in TPM2 `PKDECRYPT` from the Restricted Space space to the S1 Public space.
Jan 21 2026, 12:40 PM · gnupg26, CVE, TPM, Bug Report

Jan 20 2026

gniibe added a comment to T8044: gpg-agent stack buffer overflow in pkdecrypt using KEM.

On 2026-01-20, I found the message to security@gnupg.org of:
Message-ID: 4e708880-04ac-45bc-8d16-6b585f2652a1n@aisle.com
in may spam folder. It has a 10MB long attachment. That might be one of reasons to be identified as a spam.

Jan 20 2026, 6:42 AM · CVE, gnupg26, gpgagent, Bug Report
gniibe added a comment to T8045: Stack-based buffer overflow in TPM2 `PKDECRYPT`.

Considering the current implementation (tpm2d doesn't support keyinfo like scdaemon), it would be good to check the buffer size.
(If key information is accessible easily, we can check with a specific key.)

Jan 20 2026, 6:06 AM · gnupg26, CVE, TPM, Bug Report
gniibe created T8045: Stack-based buffer overflow in TPM2 `PKDECRYPT`.
Jan 20 2026, 1:54 AM · gnupg26, CVE, TPM, Bug Report
gniibe added projects to T8044: gpg-agent stack buffer overflow in pkdecrypt using KEM: gpgagent, gnupg.
Jan 20 2026, 1:52 AM · CVE, gnupg26, gpgagent, Bug Report

Jan 15 2026

werner set External Link to https://gnupg.org/blog/20251226-cleartext-signatures.html on T7900: Cleartext Signature Forgery in GnuPG.
Jan 15 2026, 4:05 PM · Not A Bug, OpenBSD, gnupg
timegrid closed T7434: Kleopatra: Initial keylisting hangs for ~60 seconds (gpg-agent: Socket ...S.gpg-agent cannot be bound) as Resolved.

Looks good to me on gpg4win-5.0.0 @ win11. Tested with 20 starts of each combination:

  • with / without keyboxd
  • quitting kleopatra / killing all processes
Jan 15 2026, 1:06 PM · gpd5x (gpd-5.0.0), gnupg, kleopatra
ikloecker moved T7434: Kleopatra: Initial keylisting hangs for ~60 seconds (gpg-agent: Socket ...S.gpg-agent cannot be bound) from Backlog to QA on the gpd5x board.
Jan 15 2026, 10:31 AM · gpd5x (gpd-5.0.0), gnupg, kleopatra
ikloecker changed the status of T7434: Kleopatra: Initial keylisting hangs for ~60 seconds (gpg-agent: Socket ...S.gpg-agent cannot be bound) from Open to Testing.

I think this has been resolved in Gpg4win 5.

Jan 15 2026, 10:31 AM · gpd5x (gpd-5.0.0), gnupg, kleopatra

Jan 9 2026

werner closed T7994: Documentation: mention `status-fd` in "Programmatic use of GnuPG" as Resolved.

Will be in the next release.

Jan 9 2026, 2:02 PM · gnupg, Documentation
werner removed a project from T6815: PQC encryption for GnuPG: gnupg26.

it does not make sense to have a workboard item for this parent ticket.

Jan 9 2026, 1:40 PM · OpenPGP, PQC, gnupg
Next