[Announce] GnuPG 1.3.5 released (development)

David Shaw dshaw at jabberwocky.com
Fri Feb 27 02:12:11 CET 2004

Hash: SHA1


The latest release from the development branch of GnuPG is ready for
public consumption.  This is a branch to create what will eventually
become GnuPG 1.4.  It will change with greater frequency than the
1.2.x "stable" branch, which will mainly be updated for bug fix

The more GnuPG-familiar user is encouraged try this release (and the
ones that will follow in the 1.3.x branch), and report back any
problems to gnupg-devel at gnupg.org.  In return, you get the latest code
with the latest features.

This release brings development fairly close to a good point for 1.4.
If there is something that you do not like here, be it a missing
feature, a UI choice, or, well, anything, now is the time to speak up.
Once 1.3.x becomes the new stable, large changes will be unlikely.
While we obviously cannot guarantee that every suggestion will be
included, they will all be looked at.

As always, note that while this code is stable enough for many uses,
it is still the development branch.  Mission-critical applications
should always use the 1.2.x stable branch.

The files are available from:

  ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/gnupg-1.3.5.tar.gz        (1.9M)
  ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/gnupg-1.3.5.tar.bz2       (1.5M)
  ftp://ftp.gnupg.org/gcrypt/alpha/gnupg/gnupg-1.3.4-1.3.5.diff.gz (323k)

MD5 checksums for the files are:

  e6b35d22f529ad8a625e46cdf224f1b0  gnupg-1.3.5.tar.gz
  c4b00adc6886cb2756124b3c46f3f677  gnupg-1.3.5.tar.bz2
  3074a3f469e22ad9d836a8fd909f1d8a  gnupg-1.3.4-1.3.5.diff.gz

Noteworthy changes in version 1.3.5 (2004-02-26)
- ------------------------------------------------

    * New --min-cert-level option to disregard key signatures that are
      under a specified level.

    * New --max-output option to limit the amount of plaintext output
      generated by GnuPG.  This option can be used by programs which
      call GnuPG to process messages that may result in plaintext
      larger than the calling program is prepared to handle.  This is
      sometimes called a "Decompression Bomb".

    * New --list-config command for frontends and other programs that
      call GnuPG.  See doc/DETAILS for the specifics of this.

    * Some performance improvements with large keyrings.  See
      --enable-key-cache=SIZE in the README file for details.

    * Some portability fixes for the OpenBSD/i386, HPPA, and AIX

    * New keyserver-option "http-proxy" to specify which proxy to use
      in the config file without using environment variables.

    * Added support for storing, retrieving, and searching for keys in
      LDAP servers.  Note that this is different than the "LDAP
      keyserver" which was already (and remains) supported.

    * Added support for TLS and LDAPS session encryption for LDAP.

    * --show-session-key/--override-session-key now works with
      --symmetric messages.

    * The configure options --enable-rsa and --disable-rsa can now be
      used to enable or disable RSA support.  This can be useful for
      embedded use where space is tight.  --enable-minimal includes

    * The last support for Elgamal sign+encrypt keys has been removed.

 The GnuPG team (David, Stefan, Timo and Werner)
Version: GnuPG v1.3.5-cvs (GNU/Linux)
Comment: Key available at http://www.jabberwocky.com/david/keys.asc


More information about the Gnupg-announce mailing list