Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

gpg2-2.2.27-3.1 RPM for armv7hl

From OpenSuSE Ports Tumbleweed for armv7hl

Name: gpg2 Distribution: openSUSE Tumbleweed
Version: 2.2.27 Vendor: openSUSE
Release: 3.1 Build date: Fri Oct 22 14:42:26 2021
Group: Productivity/Networking/Security Build host: obs-arm-10
Size: 5259794 Source RPM: gpg2-2.2.27-3.1.src.rpm
Summary: File encryption, decryption, signature creation and verification utility
GnuPG is a hybrid-encryption software program; it uses a combination
of symmetric-key and public-key cryptography to encrypt/decrypt
messages and/or to sign and verify them.

gpg2 provides GPGSM, gpg-agent, and a keybox library.






* Wed Apr 07 2021 Andreas Stieger <>
  - Remove the "files-are-digests" option from the openSUSE package.
    This feature was not upstream and only used in the OBS signing
    daemon. The recommended upstream feature for separating the data
    to be signed from the private keys is gpg agent forwarding,
    available from 2.1. Drop gnupg-2.2.8-files-are-digests.patch
* Tue Jan 12 2021 Andreas Stieger <>
  - GnuPG 2.2.27:
    * gpgconf: Fix case with neither local nor global gpg.conf
    * gpgconf: Fix description of two new options
  - includes changes from 2.2.26:
    * gpg: New AKL method "ntds"
    * gpg: Fix --trusted-key with fingerprint arg
    * scd: Fix writing of ECC keys to an OpenPGP card
    * scd: Make an USB error fix specific to SPR532 readers
    * dirmngr: With new LDAP keyservers store the new attributes.
      Never store the useless pgpSignerID. Fix a long standing
      bug storing some keys on an ldap server.
    * dirmngr: Support the new Active Direcory LDAP schema for
    * dirmngr: Allow LDAP OpenPGP searches via fingerprint
    * dirmngr: Do not block other threads during keyserver LDAP calls
    * Support global configuration files
    * Fix the iconv fallback handling to UTF-8
* Mon Nov 23 2020 Andreas Stieger <>
  - GnuPG 2.2.25:
    * scd: Fix regression in 2.2.24 requiring gpg --card-status
      before signing or decrypting
    * gpgsm: Using Libksba 1.5.0 signatures with a rarely used
      combination of attributes can now be verified
* Tue Nov 17 2020 Andreas Stieger <>
  - GnuPG 2.2.24:
    * gpg: New command --quick-revoke-sig
    * gpg: Do not use weak digest algos if selected by recipient
      preference during sign+encrypt
    * gpg: Switch to AES256 for symmetric encryption in de-vs mode
    * gpg: Silence weak digest warnings with --quiet
    * gpg: Print new status line CANCELED_BY_USER for a cancel during
      symmetric encryption
    * gpg: Fix the encrypt+sign hash algo preference selection for
      ECDSA.  This is in particular needed for keys created from
      existing smartcard based keys
    * agent: Fix secret key import of GnuPG 2.3 generated Ed25519
    * agent: Keep some permissions of private-keys-v1.d
    * dirmngr: Align sks-keyservers.netCA.pem use between ntbtls and
      gnutls builds
    * dirmngr: Fix the pool keyserver case for a single host in the
    * scd: Fix the use case of verify_chv2 by CHECKPIN
    * scd: Various improvements to the ccid-driver
    * scd: Minor fixes for Yubikey
    * gpgconf: New option --show-versions
    * i18n: Complete overhaul and completion of the Italian
* Thu Sep 03 2020 Andreas Stieger <>
  - GnuPG 2.2.23:
    * gpg: fix AHEAD preference list overflow boo#1176034 /  CVE-2020-25125
    * gpg: fix possible segv in the key cleaning code
    * gpgsm: fix a minor RFC2253 parser gub
    * scdaemon: Fix a PIN verify failure on certain OpenPGP card
* Tue Sep 01 2020 Andreas Stieger <>
  - GnuPG 2.2.22:
    * gpg: Change the default key algorithm to rsa3072
    * gpg: Add regular expression support for Trust Signatures on
      all platforms
    * gpg: Ignore --personal-digest-prefs for ECDSA keys
    * gpgsm: Make rsaPSS a de-vs compliant scheme
    * gpgsm: Show also the SHA256 fingerprint in key listings
    * gpgsm: Do not require a default keyring for --gpgconf-list
    * gpg-agent: Default to extended key format and record the
      creation time of keys
      Add new option --disable-extended-key-format
    * gpg-agent: Support the WAYLAND_DISPLAY envvar
    * gpg-agent: Allow using --gpgconf-list even if HOME does not
    * gpg-agent: Make the Pinentry work even if the envvar TERM is
      set to the empty string
    * scdaemon: Add a workaround for Gnuk tokens <= 2.15 which
      wrongly incremented the error counter when using the
      "verify" command of "gpg --edit-key" with only the signature
      key being present
    * dirmngr: Better handle systems with disabled IPv6
    * gpgpslit: Install tool.  It was not installed in the past to
      avoid conflicts with the version installed by GnuPG 1.4
    * gpgtar: Make --files-from and --null work as documented
  - drop gnupg-gpgme-t-encrypt-sym.patch, upstream
* Tue Jul 14 2020 Pedro Monreal Gonzalez <>
  - Fix regression in latest gpg2 that makes gpgme fail to build [bsc#1174007]
  - Add gnupg-gpgme-t-encrypt-sym.patch
* Thu Jul 09 2020 Andreas Stieger <>
  - GnuPG 2.2.21:
    * gpg: Improve symmetric decryption speed by about 25%
    * gpg: Support decryption of AEAD encrypted data packets
    * gpg: Add option --no-include-key-block
    * gpg: Allow for extra padding in ECDH
    * gpg: Only a single pinentry is shown for symmetric encryption if
      the pinentry supports this
    * gpg: Print a note if no keys are given to --delete-key
    * gpg,gpgsm: The ridiculous passphrase quality bar is not anymore
    * gpgsm: Certificates without a CRL distribution point are now
      considered valid without looking up a CRL. The new option
    - -enable-issuer-based-crl-check can be used to revert to the
      former behaviour
    * gpgsm: Support rsaPSS signature verification
    * gpgsm: Unless CRL checking is disabled lookup a missing issuer
      certificate using the certificate's authorityInfoAccess
    * gpgsm: Print the certificate's serial number also in decimal
    * gpgsm: Fix possible NULL-deref in messages of --gen-key
    * scd: Support the CardOS 5 based D-Trust Card 3.1
    * dirmngr: Allow http URLs with "LOOKUP --url"
    * wkd: Take name of sendmail from configure. Fixes an OpenBSD
      specific bug
* Thu Apr 30 2020 Pedro Monreal Gonzalez <>
  - Fix gpgme and gpgme-qt builds on gpg2 2.2.20 update [bsc#1170811]
  - Refresh patches:
    * gnupg-2.2.8-files-are-digests.patch
    * gnupg-add_legacy_FIPS_mode_option.patch
* Fri Mar 20 2020 Andreas Stieger <>
  - GnuPG 2.2.20:
    * Protect the error counter against overflow to guarantee that the
      tools can't be tricked into returning success after an error
    * gpg: Make really sure that --verify-files always returns an error
    * gpg: Fix key listing --with-secret if a pattern is given
    * gpg: Fix detection of certain keys used as default-key
    * gpg: Fix default-key selection when a card is available
    * gpg: Fix key expiration and key usage for keys created with a
      creation date of zero
    * gpgsm: Fix import of some CR,LF terminated certificates
    * gpg: New options --include-key-block and --auto-key-import to
      allow encrypted replies after an initial signed message
    * gpg: Allow the use of a fingerprint with --trusted-key
    * gpg: New property "fpr" for use by --export-filter
    * scdaemon: Disable the pinpad if a KDF DO is used
    * dirmngr: Improve finding OCSP certificates
  - drop gpg2-gcc10-build-fno-common.patch, upstream
* Fri Mar 13 2020 Fabian Vogt <>
  - Split dirmngr into a subpackage to avoid a hard dependency of
    gpg2 on libgnutls
* Wed Feb 19 2020 Pedro Monreal Gonzalez <>
  - Fix build with GCC-10: [bsc#1160394]
    * Always use EXTERN_UNLESS_MAIN_MODULE pattern
    * In GCC-10, the default option -fcommon will change to -fno-common
  - Add gpg2-gcc10-build-fno-common.patch
* Fri Jan 10 2020 Pedro Monreal Gonzalez <>
  - Accept key updates even without UIDs [bsc#1143158]
  - Add patches:
    * gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch
    * gnupg-accept_subkeys_with_a_good_revocation_but_no_self-sig_during_import.patch
    * gnupg-add-test-cases-for-import-without-uid.patch
* Sat Dec 07 2019 Andreas Stieger <>
  - update to 2.2.19:
    * gpg: Fix double free when decrypting for hidden recipients
    * gpg: Use auto-key-locate for encryption even for mail addressed
      given with angle brackets
    * gpgsm: Add special case for certain expired intermediate
* Wed Nov 27 2019 Pedro Monreal Gonzalez <>
  - Update to 2.2.18 [bsc#1157900, CVE-2019-14855]
    * gpg: Changed the way keys are detected on a smartcards; this
      allows the use of non-OpenPGP cards.  In the case of a not very
      likely regression the new option --use-only-openpgp-card is
      available.  [#4681]
    * gpg: The commands --full-gen-key and --quick-gen-key now allow
      direct key generation from supported cards.  [#4681]
    * gpg: Prepare against chosen-prefix SHA-1 collisions in key
      signatures.  This change removes all SHA-1 based key signature
      newer than 2019-01-19 from the web-of-trust.  Note that this
      includes all key signature created with dsa1024 keys.  The new
      option --allow-weak-key-signatues can be used to override the new
      and safer behaviour.  [#4755,CVE-2019-14855]
    * gpg: Improve performance for import of large keyblocks.  [#4592]
    * gpg: Implement a keybox compression run.  [#4644]
    * gpg: Show warnings from dirmngr about redirect and certificate
      problems (details require --verbose as usual).
    * gpg: Allow to pass the empty string for the passphrase if the
      '--passphase=' syntax is used.  [#4633]
    * gpg: Fix printing of the KDF object attributes.
    * gpg: Avoid surprises with --locate-external-key and certain
    - -auto-key-locate settings.  [#4662]
    * gpg: Improve selection of best matching key.  [#4713]
    * gpg: Delete key binding signature when deletring a subkey.
    * gpg: Fix a potential loss of key sigantures during import with
      self-sigs-only active.  [#4628]
    * gpg: Silence "marked as ultimately trusted" diagnostics if
      option --quiet is used.  [#4634]
    * gpg: Silence some diagnostics during in key listsing even with
      option --verbose.  [#4627]
    * gpg, gpgsm: Change parsing of agent's pkdecrypt results.  [#4652]
    * gpgsm: Support AES-256 keys.
    * gpgsm: Fix a bug in triggering a keybox compression run if
    - -faked-system-time is used.
    * dirmngr: System CA certificates are no longer used for the SKS
      pool if GNUTLS instead of NTBTLS is used as TLS library.  [#4594]
    * dirmngr: On Windows detect usability of IPv4 and IPv6 interfaces
      to avoid long timeouts.  [#4165]
    * scd: Fix BWI value for APDU level transfers to make Gemalto Ezio
      Shield and Trustica Cryptoucan work.  [#4654,#4566]
    * wkd: gpg-wks-client --install-key now installs the required policy
  - Rebase patches:
    * gnupg-2.2.8-files-are-digests.patch
    * gnupg-add_legacy_FIPS_mode_option.patch
* Thu Sep 19 2019 Ludwig Nussel <>
  - Do not recommend lang package. The lang package already has a
* Thu Jul 11 2019 Pedro Monreal Gonzalez <>
  - Update to 2.2.17 [bsc#1141093]
    * gpg: Do not try the import fallback if the options are already used.
    * gpg: Fix regression in option "self-sigs-only".
    * gpg: With --auto-key-retrieve prefer WKD over keyservers.
    * gpg: Add "self-sigs-only" and "import-clean" to the keyserver options.
    * gpg: Avoid printing false AKL error message.
    * gpg: New command --locate-external-key.
    * gpg: Make the get_pubkey_byname interface easier to understand.
    * gpg: Fallback to import with self-sigs-only on too large keyblocks.
    * gpg: New import and keyserver option "self-sigs-only"
    * gpg: Make read_block in import.c more flexible.
    * dirmngr: fix handling of HTTPS redirections during HKP.
    * dirmngr: Avoid endless loop in case of HTTP error 503.
    * dirmngr: Do not rewrite the redirection for the "openpgpkey" subdomain.
    * dirmngr: Support the new WKD draft with the openpgpkey subdomain.
    * wkd: Change client/server limit back to 64 KiB.
    * tools: gpgconf: Killing order is children-first.
    * Return better error code for some getinfo IPC commands.
    * po: Update Russian translation.
* Wed Jun 19 2019 Jason Sikes <>
  - Fix secure memory being disabled before fips checks in libgcrypt [boo#1137307]
    * Added gnupg-2.2.16-secmem.patch
* Thu May 30 2019 Pedro Monreal Gonzalez <>
  - Update to 2.2.16
    * gpg: Fixed i18n markup of some strings.
    * gpg: Allow deletion of subkeys with --delete-[secret-]key.
    * gpg: Do not bail on an invalid packet in the local keyring.
    * gpg: Do not allow creation of user ids larger than our parser allows.
    * gpg: Do not delete any keys if --dry-run is passed.
    * gpg: Fix using --decrypt along with --use-embedded-filename.
    * gpg: Improve the photo image viewer selection.
    * gpg: enable OpenPGP export of cleartext keys with comments.
    * gpg: Do not print a hint to use the deprecated --keyserver option.
    * gpg: Change update_keysig_packet to replace SHA-1 by SHA-256.
    * gpg: Use just the addrspec from the Signer's UID.
    * gpg: Accept also armored data from the WKD.
    * gpg: Set a limit of 5 to the number of keys imported from the WKD.
    * gpg: Don't use EdDSA algo ID for ECDSA curves.
    * agent: Stop scdaemon after reload when disable_scdaemon.
    * agent: For SSH key, don't put NUL-byte at the end.
    * agent: correct length for uri and comment on 64-bit big-endian platforms
    * dirmngr: Allow for other hash algorithms than SHA-1 in OCSP.
    * dirmngr: Improve domaininfo cache update algorithm.
    * dirmngr: Better error code for http status 413.
    * g10: Fix possible null dereference.
    * g10: Fix double free when locating by mbox.
    * g10: Fix symmetric cipher algo constant for ECDH.
    * sm: Avoid confusing diagnostic for the default key.
    * sm: Fix a warning in an es_fopencooie function.
    * gpgconf: Before --launch check that the config file is fine.
    * gpgconf: Support --homedir for --launch.
    * build: Update m4/iconv.m4.
    * doc: correct documentation for gpgconf --kill.
    * scd: Add dummy option --application-priority.
    * common: Fix AWK portability.
* Thu Mar 28 2019 Karol Babioch <>
  - Update to 2.2.15
    * sm: Allow decryption even if expired keys are configured.
    * agent: Change command KEYINFO to print ssh fingerprints with other
      hash algos.
    * dirmngr: Fix build problems on Solaris due to the use of reserved
      symbol names.
    * wkd: New commands --print-wkd-hash and --print-wkd-url for
* Tue Mar 19 2019 Karol Babioch <>
  - Update to 2.2.14:
    * gpg: Allow import of PGP desktop exported secret keys. Also avoid
      importing secret keys if the secret keyblock is not valid.
    * gpg: Do not error out on version 5 keys in the local keyring.
    * gpg: Make invalid primary key algo obvious in key listings.
    * sm: Do not mark a certificate in a key listing as de-vs compliant
      if its use for a signature will not be possible.
    * sm: Fix certificate creation with key on card.
    * sm: Create rsa3072 bit certificates by default.
    * sm: Print Yubikey attestation extensions with --dump-cert.
    * agent: Fix cancellation handling for scdaemon.
    * agent: Support --mode=ssh option for CLEAR_PASSPHRASE.
    * scd: Fix flushing of the CA-FPR DOs in app-openpgp.
    * scd: Avoid a conflict error with the "undefined" app.
    * dirmngr: Add CSRF protection exception for protonmail.
    * dirmngr: Fix build problems with gcc 9 in libdns.
    * gpgconf: New option --show-socket for use wity --launch.
    * gpgtar: Make option -C work for archive creation.
  - Removed patches that are included upstream by now:
    - 0001-libdns-Avoid-using-compound-literals.patch
    - 0002-libdns-Avoid-using-compound-literals-2.patch
    - 0003-libdns-Avoid-using-compound-literals-3.patch
    - 0004-libdns-Avoid-using-compound-literals-4.patch
    - 0005-libdns-Avoid-using-compound-literals-5.patch
    - 0006-libdns-Avoid-using-compound-literals-6.patch
    - 0007-libdns-Avoid-using-compound-literals-7.patch
    - 0008-libdns-Avoid-using-compound-literals-8.patch
* Tue Feb 26 2019 Pedro Monreal Gonzalez <>
  - Fix build with gcc9 [bsc#1121223]
    * Avoid using compound literals
    - Upstream bug:
    * Added upstream patches:
    - 0001-libdns-Avoid-using-compound-literals.patch
    - 0002-libdns-Avoid-using-compound-literals-2.patch
    - 0003-libdns-Avoid-using-compound-literals-3.patch
    - 0004-libdns-Avoid-using-compound-literals-4.patch
    - 0005-libdns-Avoid-using-compound-literals-5.patch
    - 0006-libdns-Avoid-using-compound-literals-6.patch
    - 0007-libdns-Avoid-using-compound-literals-7.patch
    - 0008-libdns-Avoid-using-compound-literals-8.patch
* Fri Feb 22 2019
  - Allow coredumps in X11 desktop sessions (bsc#1124847)
    gpg-agent unconditionally disables coredumps, which is not
    supposed to happen in the code path that does just exec(argv[])
* Wed Feb 13 2019 Karol Babioch <>
  - Update to 2.2.13:
    * gpg: Implement key lookup via keygrip (using the & prefix).
    * gpg: Allow generating Ed25519 key from existing key.
    * gpg: Emit an ERROR status line if no key was found with -k.
    * gpg: Stop early when trying to create a primary Elgamal key.
    * gpgsm: Print the card's key algorithms along with their keygrips
      in interactive key generation.
    * agent: Clear bogus pinentry cache in the error case.
    * scd: Support "acknowledge button" feature.
    * scd: Fix for USB INTERRUPT transfer.
    * wks: Do no use compression for the the encrypted challenge and response.
    See-also: gnupg-announce/2019q1/000434.html
* Fri Dec 14 2018
  - Update to 2.2.12:
    * tools: New commands --install-key and --remove-key for
      gpg-wks-client.  This allows to prepare a Web Key Directory on a
      local file system for later upload to a web server.
    * gpg: New --list-option "show-only-fpr-mbox".  This makes the use
      of the new gpg-wks-client --install-key command easier on Windows.
    * gpg: Improve processing speed when --skip-verify is used.
    * gpg: Fix a bug where a LF was accidentally written to the console.
    * gpg: --card-status now shwos whether a card has the new KDF
      feature enabled.
    * agent: New runtime option --s2k-calibration=MSEC.  New configure
      option --with-agent-s2k-calibration=MSEC.  [#3399]
    * dirmngr: Try another keyserver from the pool on receiving a 502,
      503, or 504 error.  [#4175]
    * dirmngr: Avoid possible CSRF attacks via http redirects.  A HTTP
      query will not anymore follow a 3xx redirect unless the Location
      header gives the same host.  If the host is different only the
      host and port is taken from the Location header and the original
      path and query parts are kept.
    * dirmngr: New command FLUSHCRL to flush all CRLS from disk and
      memory.  [#3967]
* Thu Nov 08 2018 Cristian Rodríguez <>
  - Code no longer uses libcurl, remove from buildrequires.
* Tue Nov 06 2018 Karol Babioch <>
  - Update to 2.2.11:
    * gpgsm: Fix CRL loading when intermediate certicates are not yet trusted.
    * gpgsm: Fix an error message about the digest algo.
    * gpg: Fix a wrong warning due to new sign usage check introduced with 2.2.9.
    * gpg: Print the "data source" even for an unsuccessful keyserver query.
    * gpg: Do not store the TOFU trust model in the trustdb.
    * scd: Fix cases of "Bad PIN" after using "forcesig".
    * agent: Fix possible hang in the ssh handler.
    * dirmngr: Tack the unmodified mail address to a WKD request.
    * dirmngr: Tweak diagnostic about missing LDAP server file.
    * dirmngr: In verbose mode print the OCSP responder id.
    * dirmngr: Fix parsing of the LDAP port.
    * wks: Add option --directory/-C to the server.
    * wks: Add option --with-colons to the client.
    * Fix EBADF when gpg et al. are called by broken CGI scripts.
    * Fix some minor memory leaks and bugs.
* Thu Oct 04 2018 Bernhard Wiedemann <>
  - Make package build reproducible (boo#1047218)
* Thu Aug 30 2018
  - Update to 2.2.10:
    * Refresh expired keys originating from the WKD
    * Use a 256 KiB limit for a WKD imported key
    * New option --known-notation
    * dirmngr: Validate SRV records in WKD queries
* Wed Jul 25 2018
  - Add basic udev rules for smartcards to be used with
    scdaemon, taken from debian:
    * scdaemon.udev
* Fri Jul 13 2018
  - GnuPG 2.2.9:
    * dirmngr: Fix recursive resolver mode and other bugs in the
      libdns code
    * dirmngr: When using libgpg-error 1.32 or later a GnuPG build
      with NTBTLS support does not anymore block for dozens of
      seconds before returning data.
    * gpg: Fix bug in --show-keys which actually imported revocation
    * gpg: Ignore too long user-ID and comment packets
    * gpg: Fix crash due to bad German translation.  Improved printf
      format compile time check.
    * gpg: Handle missing ISSUER sub packet gracefully in the presence of
      the new ISSUER_FPR
    * gpg: Allow decryption using several passphrases in most cases.
    * gpg: Command --show-keys now enables the list options
      show-unusable-uids, show-unusable-subkeys, show-notations and
      show-policy-urls by default.
    * gpg: Command --show-keys now prints revocation certificates.
    * gpg: Add revocation reason to the "rev" and "rvs" records of the
      option --with-colons.  [#1173]
    * gpg: Export option export-clean does now remove certain expired
      subkeys; export-minimal removes all expired subkeys.
    * gpg: New "usage" property for the drop-subkey filters.
* Fri Jun 08 2018
  - Update to version 2.2.8:
    * gpg: Decryption of messages not using the MDC mode will now lead to a
      hard failure even if a legacy cipher algorithm was used. The option
    - -ignore-mdc-error can be used to turn this failure into a warning. Take
      care: Never use that option unconditionally or without a prior warning.
    * gpg: The MDC encryption mode is now always used regardless of the
      cipher algorithm or any preferences.  For testing --rfc2440 can be
      used to create a message without an MDC.
    * gpg: Sanitize the diagnostic output of the original file name in
      verbose mode (bsc#1096745, CVE-2018-12020)
    * gpg: Detect suspicious multiple plaintext packets in a more reliable way.
    * gpg: Fix the duplicate key signature detection code.
    * gpg: The options --no-mdc-warn, --force-mdc, --no-force-mdc,
    - -disable-mdc and --no-disable-mdc have no more effect.
    * agent: Add DBUS_SESSION_BUS_ADDRESS and a few other envvars to the
      list of startup environment variables.
  - Refresh gnupg-2.0.18-files-are-digests.patch
    to gnupg-2.2.8-files-are-digests.patch
* Fri May 04 2018
  - GnuPG 2.2.7:
    * gpg: New option --no-symkey-cache to disable the passphrase
      cache for symmetrical en- and decryption.
    * gpg: The ERRSIG status now prints the fingerprint if that is
      part of the signature
    * gpg: Relax emitting of FAILURE status lines
    * gpg: Add a status flag to "sig" lines printed with --list-sigs
    * gpg: Fix "Too many open files" when using --multifile
    * ssh: Return an error for unknown ssh-agent flags
    * dirmngr: Fix a CNAME problem with pools and TLS.  Also use a
      fixed mapping of to
    * dirmngr: Try resurrecting dead hosts earlier (from 3h to 1.5h)
    * dirmngr: Fallback to CRL if no default OCSP responder is
    * dirmngr: Implement CRL fetching via https.  Here a redirection
      to http is explictly allowed
    * agent,dirmngr: New sub-command "getenv" for "getinfo" to ease
* Tue Apr 10 2018
  - GnuPG 2.2.6:
    * gpg,gpgsm: New option --request-origin to pretend requests coming
      from a browser or a remote site.
    * gpg: Fix race condition on trustdb.gpg updates due to too early
      released lock.
    * gpg: Emit FAILURE status lines in almost all cases.
    * gpg: Implement --dry-run for --passwd to make checking a key's
      passphrase straightforward.
    * gpg: Make sure to only accept a certification capable key for key
    * gpg: Better user interaction in --card-edit for the factory-reset
    * gpg: Improve changing key attributes in --card-edit by adding an
      explicit "key-attr" sub-command.
    * gpg: Print the keygrips in the --card-status.
    * scd: Support KDF DO setup.
    * scd: Fix suspend/resume handling in the CCID driver.
    * agent: Evict cached passphrases also via a timer.
    * agent: Use separate passphrase caches depending on the request
    * ssh: Support signature flags.
    * dirmngr: Handle failures related to missing IPv6 support
    * Allow the use of UNC directory names as homedir.  [#3818]
  - Dropped gnupg-CVE-2018-9234.patch since it is included upstream
* Thu Apr 05 2018
  - Added gnupg-CVE-2018-9234.patch: Enforce that key certification
    can only be done with the master key, and not a signing subkey.
    (bnc#1088255 CVE-2018-9234)
* Sun Feb 25 2018
  - GnuPG 2.2.5:
    * gpg: Allow the use of the "cv25519" and "ed25519" short names
      in addition to the canonical curve names in --batch --gen-key
    * gpg: Make sure to print all secret keys with option --list-only
      and --decrypt
    * gpg: Fix the use of future-default with --quick-add-key for
      signing keys
    * gpg: Select a secret key by checking availability under
    * gpg: Fix reversed prompt texts for --only-sign-text-ids
    * gpg,gpgsm: Fix detection of bogus keybox blobs on 32 bit
    * gpgsm: Fix regression since 2.1 in --export-secret-key-raw
      which got $d mod (q-1)$ wrong
    * scd: Support the KDF Data Object of the OpenPGP card 3.3
    * scd: Fix a regression in the internal CCID driver for certain
      card readers
    * dirmngr: Improve returned error description on failure of DNS
    * wks: Implement command --install-key for gpg-wks-server.
* Thu Feb 22 2018
  - Use %license (boo#1082318)



Generated by rpm2html 1.8.1

Fabrice Bellet, Mon Nov 29 00:00:07 2021