GnuPG Changelog

New in version 2.0.28

July 29th, 2015
  • agent: Added support for an external password manager.
  • gpg: New command --list-gcrypt-config. * gpg: Issue NEWSIG status lines during signature verification.
  • gpgsm: The default hash algo for a CSR is now SHA-256 and the default encryption algo is AES-128.
  • scdaemon: Allow PC/SC reader selection by partial name match.
  • gpgtar: Fix extracting files with a size of a multiple of 512.
  • Fixed several other bugs.
  • Libgcrypt 1.5 is now required.

New in version 1.4.16 (December 19th, 2013)

  • A possible scenario is that the attacker places a sensor (for example a standard smartphone) in the vicinity of the targeted machine. That machine is assumed to do unattended RSA decryption of received mails, for example by using a mail client which speeds up browsing by opportunistically decrypting mails expected to be read soon. While listening to the acoustic emanations of the targeted machine, the smartphone will send new encrypted messages to that machine and re-construct the private key bit by bit. A 4096 bit RSA key used on a laptop can be revealed within an hour.

New in version 1.4.14 (July 27th, 2013)

  • The Yarom/Falkner flush+reload side-channel attack on RSA secret keys is now mitigated.
  • IDEA was fixed for big-endian CPUs.
  • The diagnostics for failed keyserver lookups were improved.
  • Several further bugs and portability issues were fixed.

New in version 1.4.11 (October 20th, 2010)

  • Bugs were fixed.
  • Portability changes were made.
  • Minor changes were made for better compatibility with GnuPG-2 (the modular implementation).

New in version 1.4.10 (September 3rd, 2009)

  • 2048 bit RSA keys are now generated by default.
  • The default hash algorithm preferences have changed to prefer SHA-256 over SHA-1.
  • 2048 bit DSA keys are now generated to use a 256 bit hash algorithm.
  • Support for v2 OpenPGP cards was added.
  • Support for the Camellia cipher (RFC-5581) was implemented.
  • Support for HKP keyservers over SSL ("HKPS") was added.
  • The algorithm for computing the SIG_ID status was changed to match the one used in version 2.0.10.
  • File locking was improved.
  • A memory leak which made imports of many keys very slow was fixed.
  • Many smaller bugs were fixed.