[Announce] GnuPG Made Easy (GPGME) 1.11.1 released
sergi at calcurco.cat
Thu Apr 19 10:33:14 CEST 2018
I didn't realise about newer releases of libgpg-error and I've first try
to compile gpgme with libgpg-error 1.27 with a compilation error.
The configure checks this library version but seems outdated:
> checking for GPG Error - version >= 1.24... yes (1.27)
Once updated to 1.29 it works. Also works with 1.28, but I've seen some
unused params warning for 'gpgme-json.c' that is not present later on 1.29.
The other dependency with libassuan, I was using 2.5.1 that, if I'm not
wrong is the last release.
I hope this helps.
Ps: the compilation error
./.libs/libgpgme.so: undefined reference to `gpgrt_log_debug'
with some previous warning about an implicit declaration of this
function in 'decrypt.c' and 'verify.c'
On 04/18/18 20:37, Werner Koch wrote:
> We are pleased to announce version 1.11.0 of GPGME.
> GnuPG Made Easy (GPGME) is a C language library that allows to add
> support for cryptography to a program. It is designed to make access to
> public key crypto engines like gpg and gpgsm easier for applications.
> GPGME provides a high-level crypto API for encryption, decryption,
> signing, signature verification, and key management. GPGME comes with
> language bindings for Common Lisp, C++, QT, Python 2 and 3.
> See https://gnupg.org/software/gpgme for more.
> Noteworthy changes in version 1.11.0
> * New encryption API to support direct key specification including
> hidden recipients option and taking keys from a file. This also
> allows to enforce the use of a subkey.
> * New encryption flag for the new API to enforce the use of plain
> mail addresses (addr-spec).
> * The import API can now tell whether v3 keys are skipped. These old
> and basically broken keys are not anymore supported by GnuPG 2.1.
> * The decrypt and verify API will now return the MIME flag as
> specified by RFC-4880bis.
> * The offline mode now has an effect on gpg by disabling all network
> access. [#3831]
> * A failed OpenPGP verification how returns the fingerprint of the
> intended key if a recent gpg version was used for signature
> * New tool gpgme-json as native messaging server for web browsers.
> As of now public key encryption and decryption is supported.
> Requires Libgpg-error 1.29.
> * New context flag "request-origin" which has an effect when used
> with GnuPG 2.2.6 or later.
> * New context flag "no-symkey-cache" which has an effect when used
> with GnuPG 2.2.7 or later.
> * New convenience constant GPGME_KEYLIST_MODE_LOCATE.
> * Improved the Python documentation.
> * Fixed a potential regression with GnuPG 2.2.6 or later.
> * Fixed a crash in the Python bindings on 32 bit platforms. [#3892]
> * Various minor fixes.
> You may download this library and its OpenPGP signature from:
> https://gnupg.org/ftp/gcrypt/gpgme/gpgme-1.11.0.tar.bz2 (1382k)
> or from ftp.gnupg.org. The SHA-1 checksum is
> 17772bf86eef70ab0c77cbb6df0b90f002af0030 gpgme-1.11.0.tar.bz2
> but you better check the integrity using the provided signature. See
> <https://gnupg.org/download/integrity_check.html> for details.
> Maintenance and development of GnuPG is mostly financed by donations.
> The GnuPG project currently employs one full-time developer and two
> contractors. Both work exclusivly on GnuPG and closely related software
> like Libgcrypt, GPGME and GPA.
> We have to thank all the people who helped the GnuPG project, be it
> testing, coding, translating, suggesting, auditing, administering the
> servers, spreading the word, answering questions on the mailing lists
> and with financial support.
> Happy hacking,
> Your GnuPG hackers
> This is an announcement only mailing list. Please send replies only to
> the gnupg-devel 'at' gnupg.org mailing list.
> List of Release Signing Keys:
> To guarantee that a downloaded GnuPG version has not been tampered by
> malicious entities we provide signature files for all tarballs and
> binary versions. The keys are also signed by the long term keys of
> their respective owners. Current releases are signed by one or more
> of these four keys:
> rsa2048 2011-01-12 [expires: 2019-12-31]
> Key fingerprint = D869 2123 C406 5DEA 5E0F 3AB5 249B 39D2 4F25 E3B6
> Werner Koch (dist sig)
> rsa2048 2014-10-29 [expires: 2019-12-31]
> Key fingerprint = 46CC 7308 65BB 5C78 EBAB ADCF 0437 6F3E E085 6959
> David Shaw (GnuPG Release Signing Key) <dshaw 'at' jabberwocky.com>
> rsa2048 2014-10-29 [expires: 2020-10-30]
> Key fingerprint = 031E C253 6E58 0D8E A286 A9F2 2071 B08A 33BD 3F06
> NIIBE Yutaka (GnuPG Release Key) <gniibe 'at' fsij.org>
> rsa3072 2017-03-17 [expires: 2027-03-15]
> Key fingerprint = 5B80 C575 4298 F0CB 55D8 ED6A BCEF 7E29 4B09 2E28
> Andre Heinecke (Release Signing Key)
> The keys are available at <https://gnupg.org/signature_key.html> and
> in any recently released GnuPG tarball in the file g10/distsigkey.gpg .
> Note that this mail has been signed by a different key.
> Gnupg-announce mailing list
> Gnupg-announce at gnupg.org
C797 490A C93E DB00 0615 680A FC1C 1CB6 8079 85E6
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 659 bytes
Desc: OpenPGP digital signature
More information about the Gnupg-devel