There is also a confusing case: a subkey expiration date is set, but the associated primary key is expired.
Pushing a fix in master.

Actually I have a different approach to fix this bug(let). Please give me a few days.

@werner Thanks for merging the --dry-run patch in 110a4550179f !

When having a backup media, I'd recommend completely different one (for example, on paper using paperkey to be stored in a locker in basement), which requires different method for recovering. Brains may be easily confused when same private key material exists in multiple similar devices.

Thanks for this @gniibe. I have long been frustrated by trying to save the correct "stubs" to have my keyring point at two different smartcards. It was common and even advocated in my former community to place one's master key on a separate smartcard (certify capability), with a different one used for daily usage.

Thanks Gniibe San for explanation.

At the time the verification is done some output has already been written to the file 'signed'. When checking whether the deprecated abbreviated format

I can't see any bug here so I will close this bug now.

@blades: This feature will be available in GnuPG 2.3, which is planed to be released this year.
For Debian, Buster will come with GnuPG 2.2.12. After release of GnuPG 2.3, backport might be available (like GnuPG 2.2.x is available as backport for Stretch).

Hi Werner,

Please use one of the mailing lists to solve your problem. 2.3 is a development version, so I wonder from where you got this version of GnuPG.

Helo and forgive me for the ignorance, Iam a new.
I subscribed to this topic because I need a fix like that, I have 2 yubikeys with same subkeys...
Now how is possible to install from master; It's about a debian based distro. Also, when this will be pushed for updates via apt-get;
Thank you.

Feature supported in master.

Will give you more detailed info about your certificate. For even more details use --dump-chain instead of --list-chain.

rG5b22d2c4008 tested good under Asan.

Thanks for your report.

We update condig.{guess,sub} only when needed. In the past we had cases with regressions on some rare platforms.

I'm going to bring newest m4/iconv.m4 from original (gettext), which apparently fixed file descriptor leaks.

Thanks for your report.

An FYI... Once we cleared the earlier findings GnuPG tested OK under Asan. GnuPG itself had no findings, and it did not cause any dependent libraries to generate findings.

Thanks for the tests. I just fixed this one and will do replace some code in master, soon.

This patch tested OK.

It looks like this patch clears this finding:

It looks like this clears this finding:

We fixed this bug already in the repo. See T4459.

It appears this issue was first identified and triaged in 2016: T2879
If merged, my patches should resolve that task as well.