[Announce] Libgcrypt 1.6.2 released

Shannon Crader scrader at carrollu.edu
Thu Aug 21 16:58:06 CEST 2014


Can anyone tell me how to remove myself from this list? I tried sending an email to the email listed on the site, but I haven't gotten a response and still get the emails.



-----Original Message-----
From: Gnupg-users [mailto:gnupg-users-bounces+scrader=carrollu.edu at gnupg.org] On Behalf Of Werner Koch
Sent: Thursday, August 21, 2014 8:39 AM
To: gnupg-announce at gnupg.org; info-gnu at gnu.org
Cc: gcrypt-devel at gnupg.org
Subject: [Announce] Libgcrypt 1.6.2 released


The GNU project is pleased to announce the availability of Libgcrypt version 1.6.2.  This is a maintenance release to fix problems found in the recently released versions.

Libgcrypt is a general purpose library of cryptographic building blocks.

It does not provide any implementation of OpenPGP or other protocols.

Thorough understanding of applied cryptography is required for proper use Libgcrypt.

Noteworthy changes in version 1.6.2 (2014-08-21) ================================================

* Map deprecated RSA algo number to the RSA algo number for better

   backward compatibility.

* Support a 0x40 compression prefix for EdDSA.

* Improve ARM hardware feature detection and building.

* Fix powerpc-apple-darwin detection

* Fix building for the x32 ABI platform.

* Support building using the latest mingw-w64 toolchain.

* Fix some possible NULL deref bugs.



Source code is hosted at the GnuPG FTP server and its mirrors as listed at http://www.gnupg.org/download/mirrors.html .  On the primary server the source tarball and its digital signature are:

ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.6.2.tar.bz2 (2418k)  ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.6.2.tar.bz2.sig

That file is bzip2 compressed.  A gzip compressed version is here:

ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.6.2.tar.gz (2874k)  ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.6.2.tar.gz.sig

Alternativley you may upgrade using this patch file:

ftp://ftp.gnupg.org/gcrypt/libgcrypt/libgcrypt-1.6.1-1.6.2.diff.bz2 (17k)

In order to check that the version of Libgcrypt you are going to build is an original and unmodified one, you can do it in one of the following


* Check the supplied OpenPGP signature.  For example to check the

   signature of the file libgcrypt-1.6.3.tar.bz2 you would use this


     gpg --verify libgcrypt-1.6.3.tar.bz2.sig

   This checks whether the signature file matches the source file.  You

   should see a message indicating that the signature is good and made

   by the release signing key 4F25E3B6 which is certified by my well

   known key 1E42B367.  To retrieve the keys you may use the command

   "gpg --fetch-key finger:wk at g10code.com".

* If you are not able to use GnuPG, you have to verify the SHA-1


     sha1sum libgcrypt-1.6.3.tar.bz2

   and check that the output matches the first line from the

   following list:

cc31aca87e4a3769cb86884a3f5982b2cc8eb7ec  libgcrypt-1.6.2.tar.bz2

cdaf2bdd5f34b20f4f9d926536673c15b857d2e6  libgcrypt-1.6.2.tar.gz

302592ec4183b727ad07bdd47fc4d50d717f42e2  libgcrypt-1.6.1-1.6.2.diff.bz2



Libgcrypt is distributed under the terms of the GNU Lesser General Public License (LGPLv2.1+).  The helper programs as well as the documentation are distributed under the terms of the GNU General Public License (GPLv2+).  The file LICENSES has notices about contributions that require these additional notices are distributed.



For help on developing with Libgcrypt you should read the included manual and optional ask on the gcrypt-devel mailing list [1].  A listing with commercial support offers for Libgcrypt and related software is available at the GnuPG web site [2].

The driving force behind the development of Libgcrypt is my company

g10 Code.  Maintenance and improvement of Libgcrypt and related software takes up most of our resources.  To allow us to continue our work on free software, we ask to either purchase a support contract, engage us for custom enhancements, or to donate money:




Many thanks to all who contributed to Libgcrypt development, be it bug fixes, code, documentation, testing or helping users.

Happy hacking,


[1] http://lists.gnupg.org/mailman/listinfo/gcrypt-devel

[2] https://www.gnupg.org/service.html


Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20140821/4b60e3e5/attachment.html>

More information about the Gnupg-users mailing list