Noteworthy changes:
* gpg: Change the default key algorithm to rsa3072.
* gpg: Add regular expression support for Trust Signatures on all
platforms. [T4843]
* gpg: Fix regression in 2.2.21 with non-default --passphrase-repeat
option. [T4991]
* gpg: Ignore --personal-digest-prefs for ECDSA keys. [T5021]
* gpgsm: Make rsaPSS a de-vs compliant scheme.
* gpgsm: Show also the SHA256 fingerprint in key listings.
* gpgsm: Do not require a default keyring for --gpgconf-list. [T4867]
* gpg-agent: Default to extended key format and record the creation
time of keys. Add new option --disable-extended-key-format.
* gpg-agent: Support the WAYLAND_DISPLAY envvar. [T5016]
* gpg-agent: Allow using --gpgconf-list even if HOME does not
exist. [T4866]
* gpg-agent: Make the Pinentry work even if the envvar TERM is set
to the empty string. [T4137]
* scdaemon: Add a workaround for Gnuk tokens <= 2.15 which wrongly
incremented the error counter when using the "verify" command of
"gpg --edit-key" with only the signature key being present.
* dirmngr: Better handle systems with disabled IPv6. [T4977]
* gpgpslit: Install tool. It was not installed in the past to avoid
conflicts with the version installed by GnuPG 1.4. [T5023]
* gpgtar: Handle Unicode file names on Windows correctly (requires
libgpg-error 1.39). [T4083]
* gpgtar: Make --files-from and --null work as documented. [T5027]
* Build the Windows installer with the new Ntbtls 0.2.0 so that TLS
connections succeed for servers demanding GCM.