- User Since
- May 8 2022, 2:50 AM (8 w, 2 d)
Mon, Jun 20
Closing in favor of D556.
When failing due to a bad packet in a detached signature, log the
Sat, Jun 18
Fri, Jun 17
Compressed packets in detached signatures and/or certificates have never been permitted by any version of the standard.
Thu, Jun 16
I will try, but it will likely be a while. In any case I believe you will need a Red Hat-family distro to trigger the bug; it happens when gpg trys to encrypt with a key that uses a public key algorithm libgcrypt does not support.
Reopening as it appears this issue was closed based on an incorrect understanding of what it is.
Reopening as gpg’s handling of the situation is very much suboptimal.
Closing as I believe this is a downstream bug.
Wed, Jun 15
Mon, Jun 13
Fri, Jun 10
The quotes are irrelevant because they are evaluated by the shell and don't make a difference here.
Added missing context lines and replaced some tabs with spaces
For clarification, the strings I have provided are raw argv elements as would be passed to execve(), with quoting already removed.
I am using GnuPG 2.3.4 on Fedora Linux. I am referring to --list-options=show-sig-subpackets="100"a (note the quotes). The bug is that the character after the trailing close quote is ignored, rather than being treated as an invalid option and causing an error. That is, I would expect show-sig-subpackets="100"a to be parsed as show-sig-subpackets="100",a or be an error.
gpg-agent --supervised being deprecated is highly surprising, especially because it works so well with systemd.
Thu, Jun 9
May 23 2022
May 22 2022
I would be okay with GnuPG ignoring such packets, but I do not want verifying a signature or importing a key to activate the decompression code and its associated attack surface.