In T5993#201111, @werner wrote:For example Poppler uses GnuPG comment packets to lower its own attack surface by leaving all OpenPGP handling to gpg. The patch (or at least the version we noticed in Fedora and Debian) entirely breaks this use.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Fri, May 16
Fri, May 16
(The commits had a wrong bug it in their message)
• werner committed rG23ccad05c680: gpg: Do not allow compressed key packets on import. (authored by • werner).
gpg: Do not allow compressed key packets on import.
• werner committed rG8e529f922194: gpg: Do not allow compressed key packets on import. (authored by • werner).
gpg: Do not allow compressed key packets on import.
• werner committed rG645cf7d8fc25: Revert "w32: On socket nonce mismatch close the socket." (authored by • werner).
Revert "w32: On socket nonce mismatch close the socket."
gpg: Remove unused variable.
Rework networking
Fix typo
It might be useful to have samples of compressed keys:
• werner committed rEcda4789a9f7d: Time for a new error code; this time GPG_ERR_UNEXPECTED_PACKET (authored by • werner).
Time for a new error code; this time GPG_ERR_UNEXPECTED_PACKET
Apparently KMessageBoxes do actually wrap, just at a larger width than we'd have expected. Lowering this width should be a trivial patch that we could do locally, if we want to
No, we can't do much about this. It has always been easy to create compression bombs and the more relevant thing here is compressed signed or encrypted data. Or just compressed mails. The patch by @DemiMarie is way to complicated for what it wants to achieve and actually breaks existing use cases. For example Poppler uses GnuPG comment packets to lower its own attack surface by leaving all OpenPGP handling to gpg. The patch (or at least the version we noticed in Fedora and Debian) entirely breaks this use.
Generate manifest.xml at runtime
Reencrypt in a seperate folder
Display name of folder to reencrypt
CarlSchwan committed rOJd668b9750efb: reencryption: Display logs and reencryption state in a dialog (authored by CarlSchwan).
reencryption: Display logs and reencryption state in a dialog
• gniibe committed rG40cfa71281db: common: Add KEM constants for NIST curves. (authored by • gniibe).
common: Add KEM constants for NIST curves.
l10n daemon script <scripty@kde.org> committed rKLEOPATRAa88aff617ab1: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
l10n daemon script <scripty@kde.org> committed rMTP9a5f0d29218e: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
l10n daemon script <scripty@kde.org> committed rLIBKLEO00921c0a63e9: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
l10n daemon script <scripty@kde.org> committed rKLEOPATRA67a3d0167d91: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
Thu, May 15
Thu, May 15
• werner added a comment to T7634: libgcrypt's test t-thread-local fails to link on some platforms..
Also pushed to 1.11
swdb: gpgol 2.6.1
Post release updates
Release 2.6.1
Handle filtered READ events
Handle non mail items in inbox events
• ebo renamed T7655: Kleopatra: show a progress window when updating a certificate from Kleopatra: show a progress window when update a certificate to Kleopatra: show a progress window when updating a certificate.
• ebo renamed T7655: Kleopatra: show a progress window when updating a certificate from Kleopatra: Trying to update a certificate takes too much time if there is no network to Kleopatra: show a progress window when update a certificate.
Hej thinks that she would expect the dialog to show which certificates were uploaded.
I think if we want to do that, we should make a new ticket for it. Here we wanted the easy quick fix.
• TobiasFella changed the status of T7495: Kleopatra: Improve success message on keyserver upload from Open to Testing.
This is not really easy to change, since the proposed paths doesn't match QStandardPath
m <meik.michalke@gnupg.com> committed rOJb0eec451de48: updated README.md (authored by m <meik.michalke@gnupg.com>).
updated README.md
Way too complicate and thus has a high risk of regression,
• TobiasFella committed rKLEOPATRA0484fe5985be: Improve success message for key upload (authored by • TobiasFella).
Improve success message for key upload
• TobiasFella changed the status of T7652: Kleopatra: Add plural in verification messages for multiple signatures from Open to Testing.
• TobiasFella committed rKLEOPATRA73ca288b2ef5: Use plural when verifying multiple signatures from the same file (authored by • TobiasFella).
Use plural when verifying multiple signatures from the same file
• TobiasFella committed rKLEOPATRA94bafa83d1fc: Apply 1 suggestion(s) to 1 file(s) (authored by • TobiasFella).
Apply 1 suggestion(s) to 1 file(s)
Use new startCreate overload
• ikloecker committed rGPGMEQT1a063ce9332e: Remove long obsolete feature checks (authored by • ikloecker).
Remove long obsolete feature checks
• ikloecker committed rGPGMEQT3032aee35248: Modernize interface of QuickJob::startCreate and ::startAddSubkey (authored by • ikloecker).
Modernize interface of QuickJob::startCreate and ::startAddSubkey
• ikloecker committed rGPGMEPPee85d38a2f9e: Remove long obsolete feature checking API (authored by • ikloecker).
Remove long obsolete feature checking API
• ikloecker committed rGPGMEPP9200517f23c5: Remove deprecated functions and types (authored by • ikloecker).
Remove deprecated functions and types
• ikloecker committed rGPGMEPPd3559c8abcfe: Add CreationFlags and simplify API of createKey and createSubkey (authored by • ikloecker).
Add CreationFlags and simplify API of createKey and createSubkey
• ikloecker committed rGPGMEPP8b853b09d542: New decrypt flag DecryptListOnly (authored by • ikloecker).
New decrypt flag DecryptListOnly
"Geheimen Team-Schlüssel zum internen Teilen abspeichern." is grammatically correct, but it sound very formal and clunky for a UI tooltip. It lacks clarity, therefore I suggest:
• ikloecker added a comment to T7655: Kleopatra: show a progress window when updating a certificate.
It's pretty much impossible to speed up the situation of unavailable network because network access typically uses long timeouts because networks can be notoriously slow to respond. The only thing we can do is show a progress window so that the users know that Kleopatra is actually doing something.
l10n daemon script <scripty@kde.org> committed rKLEOPATRA107e52b24cf9: GIT_SILENT Sync po/docbooks with svn (authored by l10n daemon script <scripty@kde.org>).
GIT_SILENT Sync po/docbooks with svn
• gniibe committed rC0bd4c77be6e0: mpi:ec: Least leak with k^(-1) for ECDSA. (authored by • gniibe).
mpi:ec: Least leak with k^(-1) for ECDSA.
• gniibe committed rCaa089ec89bad: mpi:ec: Use ec_mulm_lli in _gcry_mpi_ec_get_affine. (authored by • gniibe).
mpi:ec: Use ec_mulm_lli in _gcry_mpi_ec_get_affine.
• gniibe changed the status of T7648: Decryption to a Ky768_Cv25519 key does not work if the Cv25519 key is on a token from Open to Testing.
• gniibe closed T7621: libgpg-error: __non_string for GCC 15 or later, a subtask of T7617: libgcrypt: Add __nonstring__ attribute for data for GCC 15 or later, as Resolved.
Wed, May 14
Wed, May 14
• ikloecker committed rKLEOPATRAb1f3736de7ed: Use Error::isError() to check if an error occurred (authored by • ikloecker).
Use Error::isError() to check if an error occurred
• ikloecker committed rKLEOPATRA10b618703d74: Include QGpgME/Debug for QDebug operator for GpgME::Error (authored by • ikloecker).
Include QGpgME/Debug for QDebug operator for GpgME::Error
• ikloecker committed rKLEOPATRAd4f777ffa137: Remove long obsolete feature check (authored by • ikloecker).
Remove long obsolete feature check
Rename packages.common to packages.list
• werner committed rW383eb8586161: Update Okular for gnupg >= 2.4 to the correct version. (authored by • werner).
Update Okular for gnupg >= 2.4 to the correct version.
Merge branch 'gpg4win-5-branch'
Merge branch 'gpg4win-5-branch'
• ebo renamed T7655: Kleopatra: show a progress window when updating a certificate from Kleopatra: Trying to update a certificat takes too much time if there is no network to Kleopatra: Trying to update a certificate takes too much time if there is no network.
• ebo triaged T7655: Kleopatra: show a progress window when updating a certificate as Normal priority.
m.eik renamed T7613: GpgOL/Web shows wrong path to manifest in Gpg4Win from Gpg4Win is missing GpgOL/Web's manifest file to GpgOL/Web shows wrong path to manifest in Gpg4Win.
• werner committed rDeffa3ea5e36e: Improve the make rules to upload sbdb.lst. (authored by • werner).
Improve the make rules to upload sbdb.lst.
swdb: gnupg 2.4.8
• ebo updated the task description for T7636: Kleopatra: Handle not available keyserver or WKD when updating a certificate.
Post release updates.
Release 2.4.8
We have updated patches for long in the gpg4win repo and thus I close this bug.
• ebo renamed T7636: Kleopatra: Handle not available keyserver or WKD when updating a certificate from Draft: Kleopatra: Handle not available keyserver or WKD when updating a certificate to Kleopatra: Handle not available keyserver or WKD when updating a certificate.
• TobiasFella moved T7652: Kleopatra: Add plural in verification messages for multiple signatures from Backlog to WIP on the gpd5x board.
• TobiasFella committed rKLEOPATRA52b8abf71c7a: Use plural when verifying multiple signatures from the same file (authored by • TobiasFella).
Use plural when verifying multiple signatures from the same file
• ebo updated the task description for T7495: Kleopatra: Improve success message on keyserver upload.
• werner added a comment to T7589: Unable to export SSH keys for ED25519 keys generate on a SmartCard.
Using the primary key for ssh was not intended and thus not tested. I have not yet found the time too look closer at your report. Just one remark:
• TobiasFella committed rKLEOPATRA6a26951194e6: Improve success message for key upload (authored by • TobiasFella).
Improve success message for key upload
• TobiasFella moved T7495: Kleopatra: Improve success message on keyserver upload from Backlog to WIP on the gpd5x board.
• TobiasFella committed rKLEOPATRA16e1b9dda0d3: Improve success message for key upload (authored by • TobiasFella).
Improve success message for key upload
• werner added a project to T7589: Unable to export SSH keys for ED25519 keys generate on a SmartCard: gnupg.
• TobiasFella changed the status of T7580: Kleopatra: Add a dialog window to the disable/enable certificate action, a subtask of T7216: Kleopatra: Integrate "disabled" feature from gpg, from Open to Testing.
• TobiasFella changed the status of T7580: Kleopatra: Add a dialog window to the disable/enable certificate action from Open to Testing.
• ebo renamed T7616: Kleopatra: add test to check connectivity from Draft: Kleopatra: add test to check connectivity to Kleopatra: add test to check connectivity.
• TobiasFella committed rKLEOPATRAe3687a8bd666: Show warning when disabling certificate (authored by • TobiasFella).
Show warning when disabling certificate
Remove linebreak
Use proper name
Change para to newline
Update message
Use actual filter name
• TobiasFella committed rKLEOPATRA45ea52dcb594: Show warning when disabling certificate (authored by • TobiasFella).
Show warning when disabling certificate
• TobiasFella committed rLIBKLEOe25bfe8051f8: Add id for disabled filter (authored by • TobiasFella).
Add id for disabled filter
Tooltip: Save this secret key to share with other team members.
dt. Menüeintrag: Geheimen Team-Schlüssel speichern
Tooltip: Geheimen Schlüssel speichern und mit Team teilen.
• ikloecker committed rM15ae7da74bc4: Treat empty algorithm the same way as unset algorithm (authored by • ikloecker).
Treat empty algorithm the same way as unset algorithm