Do you remember wether you had the same problem also with 2.5.14 or 2.5.16? Or can you test with these versions? Which version of libgpg-error are you using?
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Wed, Jan 28
Wed, Jan 28
When I kill the gpg process, I see:
("/tmp/security/gnupg2/work/gnupg-2.5.17/g10/gpg" --no-permission-warning --no-greeting --no-secmem-warning --batch "--agent-program=/tmp/security/gnupg2/work/gnupg-2.5.17/agent/gpg-agent|--debug-quick-random" --list-sec
ret-keys) failed: gpg: starting migration from earlier GnuPG versions• ebo triaged T8064: Draft: GpgOL: Add Option to force GpgOL usage in case of conflict as Normal priority.
• ebo added a project to T7989: GpgOL: Confusing message in dialog window "Conflicting crypto settings": vsd34.
Update generated javascript
Remove further direct references to EWS.
pl13 committed rG0437dfc94b23: tests: Add test for parsing too large signature packets. (authored by pl13).
tests: Add test for parsing too large signature packets.
Remove/port further direct usages of EWS API
• werner committed rG81760cc931d6: Fix stub functions to avoid LTO linking bugs. (authored by • werner).
Fix stub functions to avoid LTO linking bugs.
tfry committed rOJ4b75d756017e: Port usage to Graph-API, with a fallback to EWS for on-premises installations (authored by tfry).
Port usage to Graph-API, with a fallback to EWS for on-premises installations
tfry committed rOJa343e72dc0dd: Finish porting reencrypt feature to EWS/Graph-API abstraction (authored by tfry).
Finish porting reencrypt feature to EWS/Graph-API abstraction
My actual plan is to rework the imp[ort/export of secret keys to gpg-agent. Right now gpg-agent has knowledge of OpenPGP for import/export. This is not good and the required conversion should be moved to a helper tools for easier testing and to have this out of the gpg-agent process. For Kyber we right now don't use any conversion mut store the secret keys in gpg-agent's native format. Thus the passphrase is not necessary. We need to figure out why we have this problem here.
Refresh web files
Merge branch 'work/tfry/reencrypt_ui'
Remove unused sources files
Fix build with libassuan 2.
l10n daemon script <scripty@kde.org> committed rLIBKLEOd1915630a249: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Tue, Jan 27
Tue, Jan 27
Post release updates
po: msgmerge
Release 2.5.17
• werner committed rG11b7e4139e82: gpg: Fix possible NULL-deref with overlong signature packets. (authored by • werner).
gpg: Fix possible NULL-deref with overlong signature packets.
• werner committed rG93fa34d9a346: tpm: Fix possible buffer overflow in PKDECRYPT (authored by • werner).
tpm: Fix possible buffer overflow in PKDECRYPT
• werner committed rGc3e387427977: po: Update Swedish translation (authored by Daniel Nylander <github@danielnylander.se>).
po: Update Swedish translation
• werner committed rGeba28eeaa1b1: agent: Add accelerator keys for "Wrong" and "Correct". (authored by • werner).
agent: Add accelerator keys for "Wrong" and "Correct".
• werner committed rG2438271ab601: agent: Fix stack buffer overflow when using gpgsm and KEM (authored by • werner).
agent: Fix stack buffer overflow when using gpgsm and KEM
bernhard added a comment to T8059: Gpg4win: Change bug report address to a Gpg4win-specific address.
This ticket is explicitly about Kleopatra included in Gpg4win.
• werner set External Link to https://lists.gnupg.org/pipermail/gnupg-announce/2026q1/000501.html on T7996: Release GnuPG 2.5.17 (security).
• ikloecker added a comment to T8059: Gpg4win: Change bug report address to a Gpg4win-specific address.
In T8059#212270, @bernhard wrote:Kleopatra is also run on GNU/Linux Distributions.
Security announcement
swdb: GnuPg 2.5.17 and Gpg4win 5.0.1
• werner renamed T8049: Null pointer dereference with overlong signature packet from Security (internal) - Aisle Research report: Null pointer dereference with overlong signature packet to Null pointer dereference with overlong signature packet.
bernhard added a comment to T8059: Gpg4win: Change bug report address to a Gpg4win-specific address.
Kleopatra is also run on GNU/Linux Distributions.
This is a security update
• werner renamed T7996: Release GnuPG 2.5.17 (security) from Release GnuPG 2.5.17 to Release GnuPG 2.5.17 (security).
• ebo moved T8045: Stack-based buffer overflow in TPM2 `PKDECRYPT` from Backlog to Done on the gnupg26 board.
• ebo edited projects for T8045: Stack-based buffer overflow in TPM2 `PKDECRYPT`, added: gnupg26; removed gnupg.
• ebo moved T8044: gpg-agent stack buffer overflow in pkdecrypt using KEM from Backlog to Done on the gnupg26 board.
Option works in Gpg4win-5.0.1 with GnuPG 2.5.17
• ebo moved T6623: Kleopatra hangs "Loading certificate cache" on Windows 10 from Done to gpd-5.0.0 on the gpd5x board.
• ebo moved T4581: Kleopatra stuck in loading the certificate cache from Done to gpd-5.0.0 on the gpd5x board.
• ebo moved T8026: Kleopatra: Export of multiple S/MIME certificates only exports one from Done to gpd-5.0.1 on the gpd5x board.
• ebo moved T8026: Kleopatra: Export of multiple S/MIME certificates only exports one from WIP to Done on the gnupg26 board.
works in Gpg4win 5.0.1 with GnuPG 2.5.17
Gpg4win 5.0.0 (2026-01-14)
tfry committed rOJ2262c655ee91: Request API permissions based on type of installation (authored by tfry).
Request API permissions based on type of installation
l10n daemon script <scripty@kde.org> committed rMTPd1cdd6f6abf2: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Albert Astals Cid <aacid@kde.org> committed rKLEOPATRAd15e118981ac: GIT_SILENT Upgrade release service version to 25.12.2. (authored by Albert Astals Cid <aacid@kde.org>).
GIT_SILENT Upgrade release service version to 25.12.2.
Albert Astals Cid <aacid@kde.org> committed rKLEOPATRA52ede8008647: GIT_SILENT Update Appstream for new release (authored by Albert Astals Cid <aacid@kde.org>).
GIT_SILENT Update Appstream for new release
Albert Astals Cid <aacid@kde.org> committed rKLEOPATRAb1ab409dfc5d: GIT_SILENT Update Appstream for new release (authored by Albert Astals Cid <aacid@kde.org>).
GIT_SILENT Update Appstream for new release
Mon, Jan 26
Mon, Jan 26
tfry committed rOJf3021f1be3fe: Fix copy-and-update graph implementaion; add send mail implementation (authored by tfry).
Fix copy-and-update graph implementaion; add send mail implementation
Send mails via abstracted API
tfry committed rOJ6750a5550794: Implement further basic mail jobs, and start porting reencrypt code (authored by tfry).
Implement further basic mail jobs, and start porting reencrypt code
• ebo renamed T7496: Kleopatra: Unify the UI process for server upload (-> small string change) from Kleopatra: Unify the UI process for server upload to Kleopatra: Unify the UI process for server upload (-> small string change).
• ebo added a parent task for T6769: Kleopatra: Change warning on keyserver upload: T8057: Certificate upload related improvements.
• ebo added a parent task for T7495: Kleopatra: Improve success message on keyserver upload: T8057: Certificate upload related improvements.
• ebo added subtasks for T8057: Certificate upload related improvements: T7495: Kleopatra: Improve success message on keyserver upload, T6769: Kleopatra: Change warning on keyserver upload, T7496: Kleopatra: Unify the UI process for server upload (-> small string change), T7772: Kleopatra: Config option - only allow upload of certificates with private key to LDAP keyserver.
To reproduce the hang, a loop will suffice (usually happens within the first 15 times, once it needed 50 runs):
• ikloecker changed the status of T6537: Make KIO::move work on Windows when moving between different partitions, a subtask of T6373: Kleopatra: Show progress dialog when moving decrypted archive to final destination, from Testing to Open.
• ikloecker changed the status of T6537: Make KIO::move work on Windows when moving between different partitions from Testing to Open.
This is still open. It cannot be tested because Gpg4win still doesn't use KIO::move on Windows (because the above patch has not yet been merged).
• ikloecker changed the status of T6537: Make KIO::move work on Windows when moving between different partitions, a subtask of T6851: Kleopatra: Allow users to change name of decryption result if file already exists, from Testing to Open.
There's no other configuration, this happens with a clean gnupghome with one smime cert + root cert and the above gpgsm.conf (output on stdin/stderr):
• ikloecker added a comment to T6373: Kleopatra: Show progress dialog when moving decrypted archive to final destination.
I think this is still open (and requires T6537: Make KIO::move work on Windows when moving between different partitions).
This is not yet fixed. KDE still applies a patch to gpgmepp (and gpgmeqt) to ifdef a few GCCisms.
tfry committed rOJc96c4628b833: Implement copy-and-update mail operation using Graph API (authored by tfry).
Implement copy-and-update mail operation using Graph API
Sun, Jan 25
Sun, Jan 25
@werner I added an implementation https://dev.gnupg.org/D622
that matches Linux behavior and avoids the message about secure memory not being supported on Windows. The change is scoped to the pinentry tool and intentionally follows Linux behavior. Does this approach look reasonable to you?
• werner committed rE9b7c3438a3c9: po: Update Swedish translation. (authored by Daniel Nylander <github@danielnylander.se>).
po: Update Swedish translation.