Keyring corruption with GnuPG 2.1.20

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu May 11 22:28:43 CEST 2017


On Wed 2017-05-10 14:56:20 +0200, Justus Winter wrote:

> unfortunately, GnuPG 2.1.20 has a bug that can lead to keyring
> corruptions when updating or deleting keys.
 [...]
> If you are using GnuPG 2.1.20 with the keyring format, a workaround is
> to convert your keyring to a keybox.  For this, follow:
>
> https://www.gnupg.org/faq/whats-new-in-2.1.html#keybox
>
> (Hat-tip to bmhatfield for the idea.)

on debian and derived systems, you can also use the helper tool:

   migrate-pubring-from-classic-gpg

which should be slightly more robust and also simpler to use than the
multistep sequence outlined in the FAQ.

> For more information see:
>
> https://dev.gnupg.org/T3123
>
> Packagers, please cherry-pick the following fix:
>
> https://dev.gnupg.org/rG22739433e98be80e46fe7d01d52a9627c1aebaae

Debian-specific note: 2.1.20 is only in debian's experimental
repository; the above patch should be present in 2.1.20-4, which was
uploaded to the experimental repo yesterday.  If you're running any
previous version of 2.1.20 from experimental, please upgrade!

thanks for the heads-up, Justus!

        --dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: </pipermail/attachments/20170511/5e0c5645/attachment.sig>


More information about the Gnupg-devel mailing list