From wk ΞΑ gnupg.org Tue Mar 15 17:53:36 2005 From: wk ΞΑ gnupg.org (Werner Koch) Date: Tue Mar 15 18:17:21 2005 Subject: [gnupg-ru] [Announce] GnuPG 1.4.1 released Message-ID: <873buw7svj.fsf@wheatstone.g10code.de> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello! We are pleased to announce the availability of a new stable GnuPG release: Version 1.4.1 The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication and data storage. It is a complete and free replacement of PGP and can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. Getting the Software ==================== Please follow the instructions found at http://www.gnupg.org/download/ or read on: GnuPG 1.4.1 may be downloaded from one of the GnuPG mirror sites or direct from ftp://ftp.gnupg.org/gcrypt/ . The list of mirrors can be found at http://www.gnupg.org/mirrors.html . Note, that GnuPG is not available at ftp.gnu.org. On the mirrors you should find the following files in the *gnupg* directory: gnupg-1.4.1.tar.bz2 (2756k) gnupg-1.4.1.tar.bz2.sig GnuPG source compressed using BZIP2 and OpenPGP signature. gnupg-1.4.1.tar.gz (3964k) gnupg-1.4.1.tar.gz.sig GnuPG source compressed using GZIP and OpenPGP signature. gnupg-1.4.0-1.4.1.diff.bz2 (650k) A patch file to upgrade a 1.4.0 GnuPG source. Select one of them. To shorten the download time, you probably want to get the BZIP2 compressed file. Please try another mirror if exceptional your mirror is not yet up to date. In the *binary* directory, you should find these files: gnupg-w32cli-1.4.1.exe (1406k) gnupg-w32cli-1.4.1.exe.sig GnuPG compiled for Microsoft Windows and OpenPGP signature. Note that this is a command line version and now comes with a graphical installer tool. The source files are the same as given above. Checking the Integrity ====================== In order to check that the version of GnuPG which you are going to install is an original and unmodified one, you can do it in one of the following ways: * If you already have a trusted version of GnuPG installed, you can simply check the supplied signature. For example to check the signature of the file gnupg-1.4.1.tar.bz2 you would use this command: gpg --verify gnupg-1.4.1.tar.bz2.sig This checks whether the signature file matches the source file. You should see a message indicating that the signature is good and made by that signing key. Make sure that you have the right key, either by checking the fingerprint of that key with other sources or by checking that the key has been signed by a trustworthy other key. Note, that you can retrieve the signing key using "finger wk 'at' g10code.com" or "finger dd9jn 'at' gnu.org" or using the keyservers. I recently prolonged the expiration date; thus you might need a fresh copy of that key. Never use a GnuPG version you just downloaded to check the integrity of the source - use an existing GnuPG installation! * If you are not able to use an old version of GnuPG, you have to verify the SHA-1 checksum. Assuming you downloaded the file gnupg-1.4.1.tar.bz2, you would run the sha1sum command like this: sha1sum gnupg-1.4.1.tar.bz2 and check that the output matches the first line from the following list: ebd16ef9d3fd3c38e38cf39e6347ed058fd12840 gnupg-1.4.1.tar.bz2 f8e982d5e811341a854ca9c15feda7d5aba6e09a gnupg-1.4.1.tar.gz db573a6c3707f65797b569efda7e0905c4c4469c gnupg-w32cli-1.4.1.exe Upgrade Information =================== If you are upgrading from a version prior to 1.0.7, you should run the script tools/convert-from-106 once. Please note also that due to a bug in versions prior to 1.0.6 it may not be possible to downgrade to such versions unless you apply the patch http://www.gnupg.org/developer/gpg-woody-fix.txt . If you have any problems, please see the FAQ and the mailing list archive at http://lists.gnupg.org. Please direct questions to the gnupg-users@gnupg.org mailing list. What's New =========== There are too many changes to list them here. Please check out the NEWS file or read the summary at the end of this announcement. Internationalization ==================== GnuPG comes with support for 28 languages: American English Indonesian (id)[*] Bela-Russian (be)[*] Italian (it)[*] Catalan (ca)[*] Japanese (ja) Czech (cs) Polish (pl)[*] Danish (da)[*] Brazilian Portuguese (pt_BR)[*] Dutch (nl)[*] Portuguese (pt)[*] Esperanto (eo)[*] Romanian (ro) Estonian (et)[*] Russian (ru)[*] Finnish (fi)[*] Slovak (sk)[*] French (fr) Spanish (es)[*] Galician (gl)[*] Swedish (sv)[*] German (de) [*] Traditional Chinese (zh_TW) Greek (el) [*] Simplified Chinese (zh_CN) Hungarian (hu) [*] Turkish (tr) [*] Languages marked with [*] were not updated for this release and you will most likely notice untranslated messages. Many thanks to the translators for their ongoing support of GnuPG. Due to a lot of stylistic changes to the strings and about 150 new strings, most translations are not up to date. However we don't think that this is reason enough to hold back the release. Updated translations will be added with the next releases. Future Directions ================= GnuPG 1.4.x is the current stable branch and will be kept as the easy to use and build single-executable versions. We plan to backport new features from the development series to 1.4. GnuPG 1.9.x is the new development series of GnuPG. This version merged the code from the Aegypten project and thus it includes the gpg-agent, a smartcard daemon and gpg's S/MIME cousin gpgsm. The design is different to the previous versions and we may not support all ancient systems - thus POSIX compatibility will be an absolute requirement for supported platforms. 1.9 is as of now based on an somewhat older 1.3 code but will peacefully coexist with other GnuPG versions. Support ======= Developing and maintaining GnuPG and related software is nothing one can do in the evening or on weekends. We all spend a lot of time and money on it. David is actually doing this in his spare time beside his day job; g10 Code employs Timo and Werner to work on this software and would appreciate to refinance it by entering into support contracts or other contributions. Thanks ====== We have to thank all the people who helped with this release, be it testing, coding, translating, suggesting, auditing, administering the servers, spreading the word or answering questions on the mailing lists. Kudos to David Shaw who did most of the new features in 1.4 and discussed various OpenPGP problems in lengths at several working groups. Happy Hacking, The GnuPG Team (David, Timo and Werner) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iEYEARECAAYFAkI3Eu4ACgkQYHhOlAEKV+1lTwCfSVtlldBYT2G3MZrxk+jHcH0i gYcAnArQgwu1RvaLp+713awo0QX6E6im =PGws -----END PGP SIGNATURE----- _______________________________________________ Gnupg-announce mailing list Gnupg-announce@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-announce From wk ΞΑ gnupg.org Tue Mar 15 18:22:11 2005 From: wk ΞΑ gnupg.org (Werner Koch) Date: Tue Mar 15 19:24:24 2005 Subject: [gnupg-ru] [Announce] GnuPG 1.4.1 News Message-ID: <87wts86czg.fsf@wheatstone.g10code.de> Hello! I forgot to insert the NEWS for 1.4.1; there are actually not that many as those for the last release. Here we go: * New --rfc2440-text option which controls how text is handled in signatures. This is in response to some problems seen with certain PGP/MIME mail clients and GnuPG version 1.4.0. More details about this are available at . * New "import-unusable-sigs" and "export-unusable-sigs" tags for --import-options and --export-options. These are off by default, and cause GnuPG to not import or export key signatures that are not usable (e.g. expired signatures). * New experimental HTTP, HTTPS, FTP, and FTPS keyserver helper that uses the cURL library to retrieve keys. This is disabled by default, but may be enabled with the configure option --with-libcurl. Without this option, the existing HTTP code is used for HTTP, and HTTPS, FTP, and FTPS are not supported. * When running a --card-status or --card-edit and a public key is available, missing secret key stubs will be created on the fly. Details of the key are listed too. * The implicit packet dumping in double verbose mode is now sent to stderr and not to stdout. * Added countermeasures against the Mister/Zuccherato CFB attack . * [W32] The algorithm for the default home directory changed: First we look at the environment variable GNUPGHOME, if this one is not set, we check whether the registry entry {HKCU,HKLM}\Software\GNU\GnuPG:HomeDir has been set. If this fails we use a GnuPG directory below the standard application data directory (APPDATA) of the current user. Only in the case that this directory cannot be determined, the old default of c:\gnupg will be used. The option --homedir still overrides all of them. * [W32] The locale selection under Windows changed. You need to enter the locale in the registry at HKCU\Software\GNU\GnuPG:Lang. For German you would use "de". If it is not set, GnuPG falls back to HKLM. The languages files "*.mo" are expected in a directory named "gnupg.nls" below the installation directory; that directory must be stored in the registry at the same key as above with the name "Install Directory". * Add new --edit-key command "bkuptocard" to allow restoring a card key from a backup. * The "fetch" command of --card-edit now retrieves the key using the default keyserver if no URL has been stored on the card. * New configure option --enable-noexecstack. Shalom-Salam, Werner -- Werner Koch The GnuPG Experts http://g10code.com Free Software Foundation Europe http://fsfeurope.org _______________________________________________ Gnupg-announce mailing list Gnupg-announce@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-announce