[git] GnuPG - branch, master, updated. gnupg-2.1.0-beta895-1-g436aa90
by Werner Koch
cvs at cvs.gnupg.org
Sun Oct 26 20:07:12 CET 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via 436aa90be753b59bfb82684ae9ed8ff40b8c14ae (commit)
from cdd899e160e03f6ed845b59381ce89c2de0b936a (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 436aa90be753b59bfb82684ae9ed8ff40b8c14ae
Author: Werner Koch <wk at gnupg.org>
Date: Sun Oct 26 20:07:16 2014 +0100
doc: Re-formated some NEWS entries and added update notes to some.
--
diff --git a/NEWS b/NEWS
index b01c7c8..d371b80 100644
--- a/NEWS
+++ b/NEWS
@@ -1,28 +1,34 @@
Noteworthy changes in version 2.1.0 (unreleased)
------------------------------------------------
+ * This release introduces a lot of changes. Most of them are
+ internal and thus not user visible. However, some long standing
+ behavior has slightly changed and it is strongly suggested that an
+ existing "~/.gnupg" directory is backed up before this version is
+ used.
+
* gpg: All support for v3 (PGP 2) keys has been dropped. All
- signatures are now creates as v4 signatures.
+ signatures are now created as v4 signatures.
* gpg: With pinentry-0.9.0 the passphrase "enter again" prompt shows
up in the same window as the "new passphrase" prompt.
* gpg: Allow importing keys with duplicated long key ids.
- * Dirmngr may now be build without support for LDAP.
+ * dirmngr: May now be build without support for LDAP.
* For a complete list of changes see the lists of changes for the
- 2.1.0 beta versions below.
+ 2.1.0 beta versions below. Note that all relevant fixes from
+ versions 2.0.14 to 2.0.26 are also applied to this version.
-Noteworthy changes in version 2.1.0-beta864 (2014-10-03)
---------------------------------------------------------
+ [Noteworthy changes in version 2.1.0-beta864 (2014-10-03)]
- * gpg: Removed the GPG_AGENT_INFO related code. GnuPG does now only
- use a fixed socket name in its home directory.
+ * gpg: Removed the GPG_AGENT_INFO related code. GnuPG does now
+ always use a fixed socket name in its home directory.
* gpg: Renamed --gen-key to --full-gen-key and re-added a --gen-key
- command using less prompts.
+ command with less choices.
* gpg: Use SHA-256 for all signature types also on RSA keys.
@@ -33,11 +39,10 @@ Noteworthy changes in version 2.1.0-beta864 (2014-10-03)
* gpg: Fixed obsolete options parsing.
- * speedo: Improved the quick build system.
+ * Further improvements for the alternative speedo build system.
-Noteworthy changes in version 2.1.0-beta834 (2014-09-18)
---------------------------------------------------------
+ [Noteworthy changes in version 2.1.0-beta834 (2014-09-18)]
* gpg: Improved passphrase caching.
@@ -53,11 +58,11 @@ Noteworthy changes in version 2.1.0-beta834 (2014-09-18)
* dirmngr: Fixed the KS_FETCH command.
- * speedo: Downloads related packages and works for non-Windows.
+ * The speedo build system now downloads related packages and works
+ for non-Windows platforms.
-Noteworthy changes in version 2.1.0-beta783 (2014-08-14)
---------------------------------------------------------
+ [Noteworthy changes in version 2.1.0-beta783 (2014-08-14)]
* gpg: Add command --quick-gen-key.
@@ -88,24 +93,23 @@ Noteworthy changes in version 2.1.0-beta783 (2014-08-14)
* scdaemon: Remove the use of the pcsc-wrapper.
-Noteworthy changes in version 2.1.0-beta751 (2014-07-03)
---------------------------------------------------------
-
- * gpg: Make export of secret keys work again.
+ [Noteworthy changes in version 2.1.0-beta751 (2014-07-03)]
* gpg: Create revocation certificates during key generation.
* gpg: Create exported secret keys and revocation certifciates with
mode 0700
+ * gpg: The validity of user ids is now shown by default. To revert
+ this add "list-options no-show-uid-validity" to gpg.conf.
+
+ * gpg: Make export of secret keys work again.
+
* gpg: The output of --list-packets does now print the offset of the
packet and information about the packet header.
* gpg: Avoid DoS due to garbled compressed data packets. [CVE-2014-4617]
- * gpg: The validity of user ids is now shown by default. To revert
- this add "list-options no-show-uid-validity" to gpg.conf.
-
* gpg: Print more specific reason codes with the INV_RECP status.
* gpg: Cap RSA and Elgamal keysize at 4096 bit also for unattended
@@ -118,11 +122,15 @@ Noteworthy changes in version 2.1.0-beta751 (2014-07-03)
to build a partly working installer for Windows.
-Noteworthy changes in version 2.1.0-beta442 (2014-06-05)
---------------------------------------------------------
+ [Noteworthy changes in version 2.1.0-beta442 (2014-06-05)]
+
+ * gpg: Changed the format of key listings. To revert to the old
+ format the option --legacy-list-mode is available.
* gpg: Add experimental signature support using curve Ed25519 and
with a patched Libgcrypt also encryption support with Curve25519.
+ [Update: this encryption support has been removed from 2.1.0 until
+ we have agreed on a suitable format.]
* gpg: Allow use of Brainpool curves.
@@ -138,9 +146,6 @@ Noteworthy changes in version 2.1.0-beta442 (2014-06-05)
* gpg: Print a warning if the Gnome-Keyring-Daemon intercepts the
communication with the gpg-agent.
- * gpg: Changed the format of key listings. To revert to the old
- format the option --legacy-list-mode is available.
-
* gpg: New option --pinentry-mode.
* gpg: Fixed decryption using an OpenPGP card.
@@ -201,111 +206,110 @@ Noteworthy changes in version 2.1.0-beta442 (2014-06-05)
* All kind of other improvements - see the git log.
-Noteworthy changes in version 2.1.0beta3 (2011-12-20)
------------------------------------------------------
+ [Noteworthy changes in version 2.1.0beta3 (2011-12-20)]
- * Fixed regression in GPG's secret key export function.
+ * gpg: Fixed regression in the secret key export function.
- * Allowj generation of card keys up to 4096 bit.
+ * gpg: Allow generation of card keys up to 4096 bit.
- * Support the SSH confirm flag.
+ * gpgsm: Preliminary support for the validation model "steed".
- * The Assuan commands KILLAGENT and KILLSCD are working again.
+ * gpgsm: Improved certificate creation.
- * SCdaemon does not anymore block after changing a card (regression
- fix).
+ * agent: Support the SSH confirm flag.
- * gpg-connect-agent does now proberly display the help output for
- "SCD HELP" commands.
+ * agent: New option to select a passphrase mode. The loopback
+ mode may be used to bypass Pinentry.
- * Preliminary support for the GPGSM validation model "steed".
+ * agent: The Assuan commands KILLAGENT and KILLSCD are working again.
- * Improved certificate creation in GPGSM.
+ * scdaemon: Does not anymore block after changing a card (regression
+ fix).
- * New option for GPG_AGENT to select a passphrase mode. The loopback
- mode may be used to bypass Pinentry.
+ * tools: gpg-connect-agent does now proberly display the help output
+ for "SCD HELP" commands.
-Noteworthy changes in version 2.1.0beta2 (2011-03-08)
------------------------------------------------------
+ [Noteworthy changes in version 2.1.0beta2 (2011-03-08)]
- * TMPDIR is now also honored when creating a socket using
- --no-standard-socket and with symcryptrun's temp files.
+ * gpg: ECC support as described by draft-jivsov-openpgp-ecc-06.txt
+ [Update: now known as RFC-6637].
- * Fixed a bug where SCdaemon sends a signal to Gpg-agent running in
- non-daemon mode.
+ * gpg: Print "AES128" instead of "AES". This change introduces a
+ little incompatibility for tools using "gpg --list-config". We
+ hope that these tools are written robust enough to accept this new
+ algorithm name as well.
- * Print "AES128" instead of "AES". This change introduces a little
- incompatibility for tools using "gpg --list-config". We hope that
- these tools are written robust enough to accept this new algorithm
- name as well.
+ * gpgsm: New feature to create certificates from a parameter file.
+ Add prompt to the --gen-key UI to create self-signed certificates.
- * Fixed CRL loading under W32 (bug#1010).
+ * agent: TMPDIR is now also honored when creating a socket using
+ the --no-standard-socket option and with symcryptrun's temp files.
- * Fixed TTY management for pinentries and session variable update
- problem.
+ * scdaemon: Fixed a bug where scdaemon sends a signal to gpg-agent
+ running in non-daemon mode.
+
+ * dirmngr: Fixed CRL loading under W32 (bug#1010).
* Dirmngr has taken over the function of the keyserver helpers. Thus
we now have a specified direct interface to keyservers via Dirmngr.
LDAP, DNS and mail backends are not yet implemented.
- * ECC support for GPG as described by draft-jivsov-openpgp-ecc-06.txt.
-
- * New GPGSM feature to create certificates from a parameter file.
- Add prompt to the --gen-key UI to create self-signed certificates.
+ * Fixed TTY management for pinentries and session variable update
+ problem.
-Noteworthy changes in version 2.1.0beta1 (2010-10-26)
------------------------------------------------------
+ [Noteworthy changes in version 2.1.0beta1 (2010-10-26)]
- * Encrypted OpenPGP messages with trailing data (e.g. other OpenPGP
- packets) are now correctly parsed.
+ * gpg: secring.gpg is not anymore used but all secret key operations
+ are delegated to gpg-agent. The import command moves secret keys
+ to the agent.
- * The GPGSM --audit-log feature is now more complete.
+ * gpg: The OpenPGP import command is now able to merge secret keys.
- * The G13 tool for disk encryption key management has been added.
+ * gpg: Encrypted OpenPGP messages with trailing data (e.g. other
+ OpenPGP packets) are now correctly parsed.
- * The default for --include-cert is now to include all certificates
- in the chain except for the root certificate.
+ * gpg: Given sufficient permissions Dirmngr is started automagically.
- * Numerical values may now be used as an alternative to the
- debug-level keywords.
+ * gpg: Fixed output of "gpgconf --check-options".
- * Support DNS lookups for SRV, PKA and CERT on W32.
+ * gpg: Removed options --export-options(export-secret-subkey-passwd)
+ and --simple-sk-checksum.
- * New GPGSM option --ignore-cert-extension.
+ * gpg: New options --try-secret-key.
- * New and changed passphrases are now created with an iteration count
- requiring about 100ms of CPU work.
+ * gpg: Support DNS lookups for SRV, PKA and CERT on W32.
- * Support for Windows CE.
+ * gpgsm: The --audit-log feature is now more complete.
- * If the agent's --use-standard-socket option is active, all tools
- try to start and daemonize the agent on the fly. In the past this
- was only supported on W32; on non-W32 systems the new configure
- option --disable-standard-socket may now be used to disable this
- new default.
+ * gpgsm: The default for --include-cert is now to include all
+ certificates in the chain except for the root certificate.
- * Dirmngr is now a part of this package. Dirmngr is now also
- expected to run as a system service and the configuration
- directories are changed to the GnuPG name space.
+ * gpgsm: New option --ignore-cert-extension.
- * Given sufficient permissions Dirmngr is started automagically.
+ * g13: The G13 tool for disk encryption key management has been
+ added.
- * Fixed output of "gpgconf --check-options".
+ * agent: If the agent's --use-standard-socket option is active, all
+ tools try to start and daemonize the agent on the fly. In the past
+ this was only supported on W32; on non-W32 systems the new
+ configure option --disable-standard-socket may now be used to
+ disable this new default.
- * GPG does not anymore use secring.gpg but delegates all secret key
- operations to gpg-agent. The import command moves secret keys to
- the agent.
+ * agent: New and changed passphrases are now created with an
+ iteration count requiring about 100ms of CPU work.
- * The OpenPGP import command is now able to merge secret keys.
+ * dirmngr: Dirmngr is now a part of this package. It is now also
+ expected to run as a system service and the configuration
+ directories are changed to the GnuPG name space. [Update: 2.1.0
+ starts dirmngr on demand as user daemon.]
- * Removed GPG options:
- --export-options: export-secret-subkey-passwd
- --simple-sk-checksum
+ * Support for Windows CE. [Update: This has not been tested for the
+ 2.1.0 release]
- * New GPG options:
- --try-secret-key
+ * Numerical values may now be used as an alternative to the
+ debug-level keywords.
Noteworthy changes in version 2.0.13 (2009-09-04)
-----------------------------------------------------------------------
Summary of changes:
NEWS | 186 ++++++++++++++++++++++++++++++++++--------------------------------
1 file changed, 95 insertions(+), 91 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
More information about the Gnupg-commits
mailing list