Bug Report
ActivePublic

Members

  • This project does not have any members.

Recent Activity

Today

maiden_taiwan added a comment to T4583: pinentry-tty should accept backspace, delete, and ctrl-U.

Thank you. I just downloaded the source for pinentry-1.1.0 and changed this line:

Wed, Jun 26, 4:34 AM · Bug Report
gniibe claimed T4583: pinentry-tty should accept backspace, delete, and ctrl-U.

(What you see as the link addressed in 2015 is for pinentry-curses, which is irrelevant.)

Wed, Jun 26, 4:04 AM · Bug Report

Yesterday

dkg created T4584: --quick-sign-key offers no way to override a current certification.
Tue, Jun 25, 5:52 PM · Bug Report, gnupg (gpg22)
maiden_taiwan set Version to 2.2.4 on T4583: pinentry-tty should accept backspace, delete, and ctrl-U.
Tue, Jun 25, 5:32 PM · Bug Report
maiden_taiwan updated the task description for T4583: pinentry-tty should accept backspace, delete, and ctrl-U.
Tue, Jun 25, 5:32 PM · Bug Report
maiden_taiwan created T4583: pinentry-tty should accept backspace, delete, and ctrl-U.
Tue, Jun 25, 5:31 PM · Bug Report
justus added a comment to T4582: gpgconf homedir confusion.

Whoops, looks like it, sorry for the noise.

Tue, Jun 25, 5:25 PM · Bug Report
dkg added a comment to T4582: gpgconf homedir confusion.

i think this might be a duplicate of T4496

Tue, Jun 25, 5:22 PM · Bug Report
justus created T4582: gpgconf homedir confusion.
Tue, Jun 25, 4:54 PM · Bug Report
werner renamed T4581: Kleopatra stuck in loading the certificate cache from not opening to Kleopatra stuck in loading the certificate cache.
Tue, Jun 25, 3:33 PM · gpg4win, kleopatra, Bug Report
werner added projects to T4581: Kleopatra stuck in loading the certificate cache: kleopatra, gpg4win.
Tue, Jun 25, 3:32 PM · gpg4win, kleopatra, Bug Report
allpond created T4581: Kleopatra stuck in loading the certificate cache.
Tue, Jun 25, 2:27 PM · gpg4win, kleopatra, Bug Report
gniibe changed the status of T4274: Fail selftests when checksum file is missing in FIPS mode only from Open to Testing.
Tue, Jun 25, 6:01 AM · Testing, libgcrypt, Bug Report
dkg added a comment to T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32.

I'm unlikely to put a windows-specific patch into the debian source, as
i have no good way of testing it, and it wouldn't affect any binary that
we ship.

Tue, Jun 25, 2:57 AM · gpgagent, gnupg, Bug Report
equwal created T4580: Update the password checking algorithm.
Tue, Jun 25, 2:44 AM · gpgagent, Feature Request

Mon, Jun 24

JJworx added a comment to T4278: Signed mails not visible in Exchange web interface (owa).

I just received answer that this is still a problem in the current release.

Mon, Jun 24, 8:34 AM · gpgol, Bug Report, gpg4win
gniibe added a comment to T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32.

@dkg, for your patch, it can be improved for Windows by using its event mechanism. You can see gnupg/scd/scdaemon.c.

Mon, Jun 24, 4:00 AM · gpgagent, gnupg, Bug Report
dkg updated subscribers of T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32.

Hm, T4521 suggests that the two different cases should not be treated differently. If you think that they *should* cause distinct behavior, please do mention it over there!

Mon, Jun 24, 2:24 AM · gpgagent, gnupg, Bug Report
gniibe added a comment to T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32.

There are two different cases: (1) By SIGTERM and (2) By KILLAGENT. It's true that the agent stops accepting on the listening socket for (1), but it's not the case for (2).
This particular problem is for the case (2).

Mon, Jun 24, 1:59 AM · gpgagent, gnupg, Bug Report

Sun, Jun 23

slandden added a comment to T4541: C implementation of AES is vulnerable to side-channel attacks.

Werner, I interpreted jwilik's patch as admission of a problem from upstream, and reported it as such to CVE. I felt that since this does not effect the main platforms (ARM and x86_64) it would not be a big deal. If I interpreted wrong, I am sorry.

Sun, Jun 23, 7:52 PM · side-channel, libgcrypt, Bug Report
slandden added a comment to T4541: C implementation of AES is vulnerable to side-channel attacks.

I assigned the CVE, but yes it needs more facts.

Sun, Jun 23, 5:48 PM · side-channel, libgcrypt, Bug Report
werner added a comment to T4541: C implementation of AES is vulnerable to side-channel attacks.

Andreas, I wonder on which grounds you assigned a CVE for this claimed side-channel attack. The mentioned paper is about an old RSA side-channel and not on AES. I would like to see more facts than the reference to a guy who knows PPC pretty well.

Sun, Jun 23, 5:45 PM · side-channel, libgcrypt, Bug Report
Anthony added a comment to T4579: RSA CRT decryption occasional failure.

The gpg --version shows:

Sun, Jun 23, 5:17 PM · OpenPGP, Not A Bug
werner added a comment to T4579: RSA CRT decryption occasional failure.

Which Libgcrypt version is used (gpg --version shows it).

Sun, Jun 23, 12:09 PM · OpenPGP, Not A Bug

Sat, Jun 22

ametzler1 added a comment to T4541: C implementation of AES is vulnerable to side-channel attacks.

This bug has been assigned CVE-2019-12904. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12904

Sat, Jun 22, 6:36 AM · side-channel, libgcrypt, Bug Report

Fri, Jun 21

dkg added a comment to T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32.

@gniibe, thanks for the diagnosis! I agree that restarting or shutting down the backends should be done in the reverse order as a simple workaround.

Fri, Jun 21, 6:24 PM · gpgagent, gnupg, Bug Report
Anthony created T4579: RSA CRT decryption occasional failure.
Fri, Jun 21, 11:50 AM · OpenPGP, Not A Bug
gniibe added a comment to T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32.

Correct solution is to implement KILLAGENT synchronously, but it's somehow harder to implement.
Easier workaround is modifying gpgconf like:

Fri, Jun 21, 3:47 AM · gpgagent, gnupg, Bug Report
gniibe edited projects for T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32, added: gnupg, gpgagent; removed gnupg (gpg22).

I found a race condition between KILLAGENT command and accepting another request.
Here is a patch to replicate the race condition :

Fri, Jun 21, 2:33 AM · gpgagent, gnupg, Bug Report
gniibe claimed T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32.

I took this task as it has errors of gpg-connect-agent scd killscd. But, it seems for me that it's not the direct cause.
Anyway, I investigate the bug.

Fri, Jun 21, 1:45 AM · gpgagent, gnupg, Bug Report

Wed, Jun 19

dkg added a comment to T3464: successful decryption with session key reports failure if public key is unknown.

without feedback, i have no idea what you want to do here as upstream. I believe this issue has identified a specific failing use case, and it has a patch that fixes the problem. if there's a problem, please let me know what it is. If there's no problem, please consider merging.

Wed, Jun 19, 11:21 PM · gnupg (gpg22), gpgme, Bug Report
dkg added a comment to T4566: dirmngr fails with HTTP 302 redirection to hkps.

Any word on this? i've pushed a fix for this into debian experimental as a part of 2.2.16-2, but i am concerned that there's no adoption from upstream. If there's a reason that this is the wrong fix, please do let me know!

Wed, Jun 19, 7:06 PM · gnupg (gpg22), dirmngr, Bug Report
werner triaged T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32 as Normal priority.
Wed, Jun 19, 5:01 PM · gpgagent, gnupg, Bug Report
dkg created T4577: extended-key-format test of openpgp/decrypt-unwrap-verify.scm fails on sparc64 and x32.
Wed, Jun 19, 3:54 PM · gpgagent, gnupg, Bug Report
mrdave19 renamed T4573: Files encrypted on another platform using password based encryption (-c) intermittently fail to decrypt on Kleopatra from Files encrypted on another platform using password base encryption (-c) intermittently fail to decrypt on Kleopatra to Files encrypted on another platform using password based encryption (-c) intermittently fail to decrypt on Kleopatra.
Wed, Jun 19, 3:40 PM · kleopatra, gnupg (gpg22), Bug Report
gniibe changed the status of T4574: Change #!/bin/sh to #!/bin/bash in libgpg-error-1.36/src/gpg-error-config-test.sh from Open to Testing.

Fixed in master, by using /usr/xpg4/bin/sh on Solaris.
Perhaps, some old Unix system like Tru64 would need same care.

Wed, Jun 19, 2:18 AM · Bug Report

Tue, Jun 18

JJworx added a comment to T4576: Outlook window de-(half-)maximizes and misplaced after writing answer.

I noticed it happens after entering the passphrase, and only using the
inline editor to answer.

Tue, Jun 18, 5:13 PM · Bug Report, gpg4win
JJworx created T4576: Outlook window de-(half-)maximizes and misplaced after writing answer.
Tue, Jun 18, 2:55 PM · Bug Report, gpg4win
gniibe added a commit to T4574: Change #!/bin/sh to #!/bin/bash in libgpg-error-1.36/src/gpg-error-config-test.sh: rE7a7caf4ba1c4: build: Take care of POSIX shell path..
Tue, Jun 18, 9:51 AM · Bug Report
dkg added a comment to T4512: gpg's --keyserver option should be more robustly deprecated.

If we only need it for backward compatibility, then the configuration in gpg.conf should *not* be overriding the preferred, forward-looking form of the configuration (in dirmngr.conf). If it is low priority to fix this, then there will be a generation of GnuPG users and toolchains which deliberately configure the value in gpg.conf instead of dirmngr.conf because they'll know that's the more robust way to do it.

Tue, Jun 18, 2:56 AM · Documentation, gnupg (gpg22), Keyserver, dirmngr, Bug Report

Mon, Jun 17

werner added a comment to T4574: Change #!/bin/sh to #!/bin/bash in libgpg-error-1.36/src/gpg-error-config-test.sh.

@johng: I understand your problems and recall that Linux systems had a hard to time to replace all bashism with standard Posix. The problems with /bin/sh on Solaris seems to be even more persistent.

Mon, Jun 17, 9:05 AM · Bug Report
werner added a comment to T2919: fix gpgme/gpgsm pipe server session with use_descriptor_passing (was: mutt + gpgme problems with some Outlook S/MIME emails).

This seems to be closely related to T4257 for which I have a fix under test. The problem is that we pass the fd used by the caller to create the data object to gpgsm and close that very fd. The descriptor passing involves an implicit dup so closing is in theory okay but we should not close an fd which has been set (w/o dup) by the caller.

Mon, Jun 17, 8:38 AM · gpgme, Bug Report
werner closed T4569: Version 3.1.8 can not "Encrypt for others" as Resolved.

Fixed with gpg4win 3.1.9.

Mon, Jun 17, 8:20 AM · Bug Report, gpg4win
gniibe claimed T4574: Change #!/bin/sh to #!/bin/bash in libgpg-error-1.36/src/gpg-error-config-test.sh.

I wrote the script and the intention is supporting old systems using POSIX shell. Our goal here is: Not introducing (additional) dependency to Bash.

Mon, Jun 17, 2:16 AM · Bug Report
johngh added a comment to T4574: Change #!/bin/sh to #!/bin/bash in libgpg-error-1.36/src/gpg-error-config-test.sh.

Thanks for your feedback Werner.

Mon, Jun 17, 12:33 AM · Bug Report

Sun, Jun 16

werner changed the status of T4569: Version 3.1.8 can not "Encrypt for others" from Open to Testing.
Sun, Jun 16, 8:55 AM · Bug Report, gpg4win

Sat, Jun 15

aheinecke added a commit to T4569: Version 3.1.8 can not "Encrypt for others": rW61b170e17771: Add patch for libkleo to fix recipient selection.
Sat, Jun 15, 6:35 AM · Bug Report, gpg4win

Fri, Jun 14

werner added projects to T4573: Files encrypted on another platform using password based encryption (-c) intermittently fail to decrypt on Kleopatra: gnupg (gpg22), kleopatra.
Fri, Jun 14, 11:52 AM · kleopatra, gnupg (gpg22), Bug Report
werner updated the task description for T4573: Files encrypted on another platform using password based encryption (-c) intermittently fail to decrypt on Kleopatra.
Fri, Jun 14, 11:47 AM · kleopatra, gnupg (gpg22), Bug Report
werner added a comment to T4574: Change #!/bin/sh to #!/bin/bash in libgpg-error-1.36/src/gpg-error-config-test.sh.

This is all valid Bourne shell syntax. In detail:

Fri, Jun 14, 11:42 AM · Bug Report