Change Details

------ //(prev: T6307 next: tba)//

**Noteworthy changes in version 2.2.43** (2024-04-16) * gpg: Do not keep an unprotected smartcard backup key on disk. See https://gnupg.org/blog/20240125-smartcard-backup-key.html for a security advisory. [T6944] * gpg: Allow to create revocations even with non-compliant algos. [rG89c7eccba5] * gpg: Fix mixed invocation with --trusted-keys and --no-options. [T7025] * gpg: Make sure a DECRYPTION_OKAY is never issued for a bad OCB tag. [T7042] * gpg: Do not allow to accidently set the RENC usage. [T7072] * gpgsm: Allow PKCS#12 decryption with a longer salt value. [T6757] * agent: Allow simple KEYINFO command in restricted mode. [T7003] * agent: Consider an empty pattern file as valid. [rG509d0f76ce] * dirmngr: Avoid starting a second instance on Windows via GPGME based launching. [T6833] * dirmngr: Trust system's root CAs for checking CRL issuers. [T6963] * dirmngr: Fix the regression in 2.2.42 of use of proxy for TLS connection. [T6997] * scd: Fix corner case bug when changing to a shorter PIN with KDF enabled. [T6843] * gpgtar: Fix conveying of status lines from gpg when using stderr as status fd on Windows. [T6961] * gpgconf: Fix -X command for the new VERSION file format and change the output format. [T6918] * wkd: Make gpg-wks-client --mirror work w/o args. ------ //(prev: T6307 next: tba)//

**Noteworthy changes in version 2.2.43** (2024-04-16) * gpg: Do not keep an unprotected smartcard backup key on disk. See https://gnupg.org/blog/20240125-smartcard-backup-key.html for a security advisory. [T6944] * gpg: Allow to create revocations even with non-compliant algos. [rG89c7eccba5] * gpg: Fix mixed invocation with --trusted-keys and --no-options. [T7025] * gpg: Make sure a DECRYPTION_OKAY is never issued for a bad OCB tag. [T7042] * gpg: Do not allow to accidently set the RENC usage. [T7072] * gpgsm: Allow PKCS#12 decryption with a longer salt value. [T6757] * agent: Allow simple KEYINFO command in restricted mode. [T7003] * agent: Consider an empty pattern file as valid. [rG509d0f76ce] * dirmngr: Avoid starting a second instance on Windows via GPGME based launching. [T6833] * dirmngr: Trust system's root CAs for checking CRL issuers. [T6963] * dirmngr: Fix the regression in 2.2.42 of use of proxy for TLS connection. [T6997] * scd: Fix corner case bug when changing to a shorter PIN with KDF enabled. [T6843] * gpgtar: Fix conveying of status lines from gpg when using stderr as status fd on Windows. [T6961] * gpgconf: Fix -X command for the new VERSION file format and change the output format. [T6918] * wkd: Make gpg-wks-client --mirror work w/o args. ------ //(prev: T6307 next: tba)//