Page MenuHome GnuPG

gnupgProject
ActivePublic

Milestones

Subprojects

Members

  • This project does not have any members.
  • View All

Details

Description

Bugs, feature requests, memos, and support related to GnuPG.

Note that the tags gnug24, gnupg26 etc are used to indicate that a certain task is scheduled to be fixed in that version. This tag here is used if there is no concrete version affected or a schedule has not yet been set.

Recent Activity

Yesterday

tessus added a comment to T7017: allow pinentry-program to use and expand ~ in path.

Oh wow. It seems you have already coded the feature request. I didn't want to generate work for you and offered to submit a patch. Not that I am complaining.;-) Thank you!

Tue, Feb 27, 10:19 PM · gnupg, Feature Request
werner triaged T7017: allow pinentry-program to use and expand ~ in path as Normal priority.
Tue, Feb 27, 10:40 AM · gnupg, Feature Request
werner changed the status of T7017: allow pinentry-program to use and expand ~ in path from Open to Testing.

Those options where originally intended for debugging but your suggestion makes sense. I also add this to most other tools.

Tue, Feb 27, 10:40 AM · gnupg, Feature Request

Mon, Feb 26

werner added a subtask for T6815: PQC encryption for GnuPG: T7014: agent: Enhancement of PKDECRYPT for KEM interface.
Mon, Feb 26, 10:41 AM · OpenPGP, PQC, gnupg

Fri, Feb 23

werner removed a project from T5574: Doubled characters in Windows console output: gpgrt.

Removing gpgrt because we meanwhile have full utf-8 support there.

Fri, Feb 23, 2:04 PM · gnupg, Windows, Bug Report

Wed, Feb 21

werner closed T5084: Using GPGWin 3.1.13, Putty fails to load the private key from a YubiKey as Resolved.

Closing due to age and because gpg4win 4 started to using the much improved GnuPG 2.4

Wed, Feb 21, 5:45 PM · gnupg, ssh, Bug Report, gpg4win
werner reopened T6729: scdaemon 'Operation not supported by device' on macOS unless racing for first (?) read on boot as "Open".

The solution seems to be a newer libccid version. If that is the case we may want to include the fix also in our own ccid driver.

Wed, Feb 21, 2:45 PM · Feature Request, Not A Bug, gnupg, scd, MacOS
ncts added a comment to T6729: scdaemon 'Operation not supported by device' on macOS unless racing for first (?) read on boot.

Got this from my card vendor. Sonoma had a buggy CCID driver; compile one yourself and the bug's gone: https://forums.developer.apple.com/forums/thread/732091?answerId=768462022#768462022

Wed, Feb 21, 11:05 AM · Feature Request, Not A Bug, gnupg, scd, MacOS

Mon, Feb 19

werner added a subtask for T7001: Support D-TRUST ECC cards: T7000: Take derive usage into account for pkcs#15 cards..
Mon, Feb 19, 1:54 PM · gnupg, scd
werner triaged T7001: Support D-TRUST ECC cards as Normal priority.
Mon, Feb 19, 1:54 PM · gnupg, scd
90 added a comment to T6991: Adding XDG Base Directory paths as *fallbacks* over the existing ~/.gnupg paths.

Since there are some files that would simply have to be created each time under $GNUPGHOME, I've been thinking a bit more about what sort of approach to take for "fallbacks."

Mon, Feb 19, 11:28 AM · Support, gnupg, Feature Request

Fri, Feb 16

werner closed T6999: Are you aware of implementations which would generate signatures with 0x0001 lbits in signature? as Resolved.

No, I am not aware. I can't remember whether PGP once had such a bug because @dshaw did most cross-testing and fixing for PGP bugs. I would suggest to remove any such checks. IIRC, this was introduced by PGP 2 to speed up signature checking. 30 years ago RSA operations were quite expensive.

Fri, Feb 16, 10:01 AM · Documentation, gnupg

Thu, Feb 15

werner added a comment to T6991: Adding XDG Base Directory paths as *fallbacks* over the existing ~/.gnupg paths.

That is simply because your XDG_RUNTIME is set to the same directory gnupg uses. See gnupg/common/homedir.c:_gnupg_socketdir_internal

Thu, Feb 15, 5:44 PM · Support, gnupg, Feature Request
90 added a comment to T6991: Adding XDG Base Directory paths as *fallbacks* over the existing ~/.gnupg paths.

Funnily enough, runtime sockets already adhere to the XDGBDS somewhat by using $XDG_RUNTIME_DIR/gnupg as their path, while everything else uses strictly $GNUPGHOME or ~/.gnupg with no other alternative. Of course, I completely understand that the priority for this is rather low, but I am still happy to look into providing a patch myself that would add these fallbacks if it would help expedite the whole process.

Thu, Feb 15, 5:36 PM · Support, gnupg, Feature Request
gniibe claimed T5894: Various issues with system headers and _WIN32_WINNT value in MinGW build of gnupg-2.3.4.

In master, I applied changes for include files which don't harm current target of MinGW-64.

Thu, Feb 15, 6:48 AM · gnupg, Feature Request
gniibe added projects to T6991: Adding XDG Base Directory paths as *fallbacks* over the existing ~/.gnupg paths: gnupg, Support.
Thu, Feb 15, 3:41 AM · Support, gnupg, Feature Request

Sun, Feb 11

wiz added a comment to T5993: gpg should reject compressed packets outside of messages.

This is referenced from https://nvd.nist.gov/vuln/detail/CVE-2022-3219 for CVE-2022-3219. Can this please be fixed?

Sun, Feb 11, 11:09 AM · Feature Request, gnupg

Thu, Feb 8

aheinecke closed T5620: GnuPG, pinentry: Passphrase pattern error / warning does not match new logic as Resolved.

I think we can close this issue. Ikloecker explained why. The hint comes from the help files and I think at the time I opened the issue I did not use the help messages.

Thu, Feb 8, 9:02 AM · gnupg, Restricted Project

Wed, Feb 7

werner triaged T6962: gpg lock issue on Alma Linux upgraded servers as Normal priority.
Wed, Feb 7, 9:21 AM · Support, gnupg
werner triaged T6975: The option --default-key gives up too early if there are multiple matches as Normal priority.
Wed, Feb 7, 9:21 AM · Feature Request, gnupg
Angel added a comment to T6975: The option --default-key gives up too early if there are multiple matches.

Ingo, I concede it might be considered a bug on Request Tracker that it does not allow to specify the key as a fingerprint (or calculates it automatically from the email instead of relying on gpg doing it), but you generally want to keep expired keys around for decryption.

Wed, Feb 7, 3:29 AM · Feature Request, gnupg

Tue, Feb 6

ikloecker added a comment to T6975: The option --default-key gives up too early if there are multiple matches.

Quite frankly, if a third party application calls gpg with anything other than fingerprints to specify keys it's asking for trouble. I have changed KMail from using user IDs to using fingerprints when calling gpg more than 20 years ago.

Tue, Feb 6, 8:42 AM · Feature Request, gnupg
Angel reopened T6975: The option --default-key gives up too early if there are multiple matches as "Open".

Sorry, Werner, but I have to disagree on this. Specifying them by fingerprint only works if you have a specific field for the key (including the case where you are just it on the config file).

Tue, Feb 6, 3:17 AM · Feature Request, gnupg

Mon, Feb 5

werner closed T6975: The option --default-key gives up too early if there are multiple matches as Wontfix.

Instead of tweaking this and risk a regression for some users I added a suggested to the man page to use a fingerprint.

Mon, Feb 5, 8:53 AM · Feature Request, gnupg
werner closed T6972: Explicitly deprecate --use-embedded-filename -- it is hazardous as Resolved.

Unfortunately there are real world applications which make use of this option in special environments. Thus we can't remove it. I improved the warning in the man page.

Mon, Feb 5, 8:44 AM · Documentation, gnupg, patch
werner closed T6974: Bump requisites on 2.2.x as Resolved.
Mon, Feb 5, 8:24 AM · gnupg
werner added a project to T6974: Bump requisites on 2.2.x: gnupg.

There will be a 2.2.43 soonish. Thanks for the patch.

Mon, Feb 5, 8:24 AM · gnupg
werner closed T6973: uninitialized err on p12_parse as Resolved.

Thanks. Applied to 2.4 will eventually be merged into master.

Mon, Feb 5, 7:55 AM · gnupg
Angel added a comment to T6973: uninitialized err on p12_parse.

Mon, Feb 5, 4:54 AM · gnupg
Angel created T6975: The option --default-key gives up too early if there are multiple matches.
Mon, Feb 5, 1:26 AM · Feature Request, gnupg
Angel created T6973: uninitialized err on p12_parse.
Mon, Feb 5, 12:40 AM · gnupg

Sun, Feb 4

Angel merged task T2759: Misleading error message when trying to sign with an expired key into T4704: Wrong error message when key is expired.
Sun, Feb 4, 3:55 AM · Bug Report, gnupg
Angel added a comment to T2759: Misleading error message when trying to sign with an expired key.

This was reported again 3 years later as T4704, and finally fixed in gnupg-2.4.4, released last week.

Sun, Feb 4, 3:55 AM · Bug Report, gnupg

Thu, Feb 1

kigikah added a comment to T6962: gpg lock issue on Alma Linux upgraded servers.
Thu, Feb 1, 5:38 AM · Support, gnupg

Tue, Jan 30

ncssyedaf added a comment to T6962: gpg lock issue on Alma Linux upgraded servers.

Thanks! We will try this out and update you with the results.

Tue, Jan 30, 2:12 PM · Support, gnupg
werner edited projects for T6962: gpg lock issue on Alma Linux upgraded servers, added: gnupg, Support; removed Bug Report.

Since 2.2.20 we had these items in the NEWS

Tue, Jan 30, 11:04 AM · Support, gnupg
gniibe closed T6923: gpg fails to parse sensitive revokers from param files as Resolved.

Fixed in GnuPG 2.4.4.

Tue, Jan 30, 4:05 AM · gnupg, Bug Report

Jan 27 2024

stardiviner added a comment to T6481: BEGIN_ENCRYPTION status output happens later in 2.4.1 (breaks Emacs's EasyPG).

I upgraded to gnupg 1.4.4 now, the problem is gone. Thanks for working.

Jan 27 2024, 5:09 AM · Emacs, gnupg, Bug Report

Jan 26 2024

fgunbin added a comment to T6481: BEGIN_ENCRYPTION status output happens later in 2.4.1 (breaks Emacs's EasyPG).

Thanks @gniibe and everybody!

Jan 26 2024, 5:32 PM · Emacs, gnupg, Bug Report
gniibe closed T6481: BEGIN_ENCRYPTION status output happens later in 2.4.1 (breaks Emacs's EasyPG) as Resolved.

Fixed in GnuPG 2.4.4.

Jan 26 2024, 1:11 AM · Emacs, gnupg, Bug Report

Jan 25 2024

werner updated the task description for T6578: Release GnuPG 2.4.4.
Jan 25 2024, 11:37 AM · gnupg24 (gnupg-2.4.4), Release Info

Jan 24 2024

ikloecker created T6956: GnuPG: Allow import of gpgsk files.
Jan 24 2024, 9:30 AM · gnupg22, Feature Request, gnupg24, Restricted Project

Jan 23 2024

juergenhoetzel added a comment to T6481: BEGIN_ENCRYPTION status output happens later in 2.4.1 (breaks Emacs's EasyPG).

Arch Linux: https://gitlab.archlinux.org/archlinux/packaging/packages/gnupg
FreeBSD: https://cgit.freebsd.org/ports/tree/security/gnupg

I don't see the patch is applied. Please wait for GnuPG release 2.4.4.

Jan 23 2024, 12:36 PM · Emacs, gnupg, Bug Report
ikloecker added a comment to T6481: BEGIN_ENCRYPTION status output happens later in 2.4.1 (breaks Emacs's EasyPG).

Indeed, openSUSE has applied the patch: https://build.opensuse.org/package/show/openSUSE%3AFactory/gpg2

Jan 23 2024, 8:18 AM · Emacs, gnupg, Bug Report
gniibe added a comment to T6481: BEGIN_ENCRYPTION status output happens later in 2.4.1 (breaks Emacs's EasyPG).

Arch Linux: https://gitlab.archlinux.org/archlinux/packaging/packages/gnupg
FreeBSD: https://cgit.freebsd.org/ports/tree/security/gnupg

Jan 23 2024, 1:05 AM · Emacs, gnupg, Bug Report

Jan 22 2024

ikloecker added a comment to T6481: BEGIN_ENCRYPTION status output happens later in 2.4.1 (breaks Emacs's EasyPG).

Works as expected on openSUSE Tumbleweed with gpg2-2.4.3-4.2.x86_64:

$ gpg2 --version
gpg (GnuPG) 2.4.3
libgcrypt 1.10.3
[...]
Jan 22 2024, 10:02 PM · Emacs, gnupg, Bug Report
juergenhoetzel added a comment to T6481: BEGIN_ENCRYPTION status output happens later in 2.4.1 (breaks Emacs's EasyPG).

i still observe the same behavior:

What do you mean? I can't replicate the behavior described by you, using the GnuPG from the repo, or the one of Debian 2.4.3-2.

Jan 22 2024, 6:04 PM · Emacs, gnupg, Bug Report
gniibe added a comment to T6481: BEGIN_ENCRYPTION status output happens later in 2.4.1 (breaks Emacs's EasyPG).

i still observe the same behavior:

Jan 22 2024, 5:57 AM · Emacs, gnupg, Bug Report

Jan 21 2024

juergenhoetzel added a comment to T6481: BEGIN_ENCRYPTION status output happens later in 2.4.1 (breaks Emacs's EasyPG).

For a while, distributions can apply rG2f872fa68c65 for 2.4 series.

Jan 21 2024, 7:59 PM · Emacs, gnupg, Bug Report

Jan 18 2024

ebo closed T6736: Year 2038 issue for key validity date, a subtask of T4195: Fix time API in gpgme, as Resolved.
Jan 18 2024, 11:43 AM · gnupg, kleopatra, Restricted Project, gpgme, Feature Request