[Announce] GnuPG 2.1.6 released

folkert folkert at vanheusden.com
Wed Jul 1 21:22:50 CEST 2015


Hi,

At least with gpg2 2.1.4-1 and gpgme 1.5.5-2 the passphrase callback
does not work.
When enabled I get the "secret key unusable" error, and without the
callback (enter passphrase via agent) it works fine.
If I remember correctly you stated that you need gpg2 v2.1 or better
for that to work:
https://lists.gnupg.org/pipermail/gnupg-devel/2015-May/029872.html

On Wed, Jul 01, 2015 at 03:19:19PM +0200, Werner Koch wrote:
> Hello!
> 
> The GnuPG Project is pleased to announce the availability of a new
> release of GnuPG modern: Version 2.1.6.
> 
> The GNU Privacy Guard (GnuPG) is a complete and free implementation
> of the OpenPGP standard which is commonly abbreviated as PGP.
> 
> GnuPG allows to encrypt and sign data and communication, features a
> versatile key management system as well as access modules for public key
> directories.  GnuPG itself is a command line tool with features for easy
> integration with other applications.  A wealth of frontend applications
> and libraries making use of GnuPG are available.  Since version 2 GnuPG
> provides support for S/MIME and Secure Shell in addition to OpenPGP.
> 
> GnuPG is Free Software (meaning that it respects your freedom). It can
> be freely used, modified and distributed under the terms of the GNU
> General Public License.
> 
> Three different branches of GnuPG are actively maintained:
> 
> - GnuPG "modern" (2.1) is the latest development with a lot of new
>   features.  This announcement is about this branch.
> 
> - GnuPG "stable" (2.0) is the current stable version for general use.
>   This is what most users are currently using.
> 
> - GnuPG "classic" (1.4) is the old standalone version which is most
>   suitable for older or embedded platforms.
> 
> You may not install "modern" (2.1) and "stable" (2.0) at the same
> time.  However, it is possible to install "classic" (1.4) along with
> any of the other versions.
> 
> 
> Noteworthy changes in version 2.1.6
> ===================================
> 
>  * agent: New option --verify for the PASSWD command.
> 
>  * gpgsm: Add command option "offline" as an alternative to
>    --disable-dirmngr.
> 
>  * gpg: Do not prompt multiple times for a password in pinentry
>    loopback mode.
> 
>  * Allow the use of debug category names with --debug.
> 
>  * Using gpg-agent and gpg/gpgsm with different locales will now show
>    the correct translations in Pinentry.
> 
>  * gpg: Improve speed of --list-sigs and --check-sigs.
> 
>  * gpg: Make --list-options show-sig-subpackets work again.
> 
>  * gpg: Fix an export problem for old keyrings with PGP-2 keys.
> 
>  * scd: Support PIN-pads on more readers.
> 
>  * dirmngr: Properly cleanup zombie LDAP helper processes and avoid
>    hangs on dirmngr shutdown.
> 
>  * Various other bug fixes.
> 
> 
> A detailed description of the changes found in the 2.1 branch can be
> found at <https://gnupg.org/faq/whats-new-in-2.1.html>.
> 
> Please be aware that there are still known bugs which we are working on.
> Check https://bugs.gnupg.org, https://wiki.gnupg.org, and the mailing
> list archives for known problems and workarounds.
> 
> 
> Getting the Software
> ====================
> 
> Please follow the instructions found at https://gnupg.org/download/ or
> read on:
> 
> GnuPG 2.1.6 may be downloaded from one of the GnuPG mirror sites or
> direct from its primary FTP server.  The list of mirrors can be found
> at <https://gnupg.org/mirrors.html>.  Note that GnuPG is not available
> at ftp.gnu.org.
> 
> On ftp.gnupg.org you find these files:
> 
>  ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.1.6.tar.bz2  (4802k)
>  ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-2.1.6.tar.bz2.sig
> 
> This is the GnuPG source code compressed using BZIP2 and its OpenPGP
> signature.
> 
>  ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.6_20150701.exe  (2577k)
>  ftp://ftp.gnupg.org/gcrypt/binary/gnupg-w32-2.1.6_20150701.exe.sig
> 
> This is an installer for Windows without graphical frontends except for
> a basic Pinentry tool.  Please de-install an installed Gpg4win version
> before trying this installer.  Note that on Window TLS access to
> keyservers is not yet available.  The sources used to build the
> installer can be found in the same directory with an ".tar.xz" suffix.
> 
> 
> Checking the Integrity
> ======================
> 
> In order to check that the version of GnuPG which you are going to
> install is an original and unmodified one, you can do it in one of
> the following ways:
> 
>  * If you already have a version of GnuPG installed, you can simply
>    verify the supplied signature.  For example to verify the signature
>    of the file gnupg-2.1.6.tar.bz2 you would use this command:
> 
>      gpg --verify gnupg-2.1.6.tar.bz2.sig gnupg-2.1.6.tar.bz2
> 
>    This checks whether the signature file matches the source file.
>    You should see a message indicating that the signature is good and
>    made by one or more of the release signing keys.  Make sure that
>    this is a valid key, either by matching the shown fingerprint
>    against a trustworthy list of valid release signing keys or by
>    checking that the key has been signed by trustworthy other keys.
>    See below for information on the signing keys.
> 
>  * If you are not able to use an existing version of GnuPG, you have
>    to verify the SHA-1 checksum.  On Unix systems the command to do
>    this is either "sha1sum" or "shasum".  Assuming you downloaded the
>    file gnupg-2.1.6.tar.bz2, you would run the command like this:
> 
>      sha1sum gnupg-2.1.6.tar.bz2
> 
>    and check that the output matches the next line:
> 
> 9e8157b3386da04760657ce3117fc4dc570c57c5  gnupg-2.1.6.tar.bz2
> a8cd2e7ab48abb94c126051df902e3380faf117e  gnupg-w32-2.1.6_20150701.exe
> 1d3e70504f993d1297f04564dfda222f8b68a96f  gnupg-w32-2.1.6_20150701.tar.xz
> 
> 
> 
> Release Signing Keys
> ====================
> 
> To guarantee that a downloaded GnuPG version has not been tampered by
> malicious entities we provide signature files for all tarballs and
> binary versions.  The keys are also signed by the long term keys of
> their respective owners.  Current releases are signed by one or more
> of these four keys:
> 
>   2048R/4F25E3B6 2011-01-12 [expires: 2019-12-31]
>   Key fingerprint = D869 2123 C406 5DEA 5E0F  3AB5 249B 39D2 4F25 E3B6
>   Werner Koch (dist sig)
> 
>   rsa2048/E0856959 2014-10-29 [expires: 2019-12-31]
>   Key fingerprint = 46CC 7308 65BB 5C78 EBAB  ADCF 0437 6F3E E085 6959
>   David Shaw (GnuPG Release Signing Key) <dshaw 'at' jabberwocky.com>
> 
>   rsa2048/33BD3F06 2014-10-29 [expires: 2016-10-28]
>   Key fingerprint = 031E C253 6E58 0D8E A286  A9F2 2071 B08A 33BD 3F06
>   NIIBE Yutaka (GnuPG Release Key) <gniibe 'at' fsij.org>
> 
>   rsa2048/7EFD60D9 2014-10-19 [expires: 2020-12-31]
>   Key fingerprint = D238 EA65 D64C 67ED 4C30  73F2 8A86 1B1C 7EFD 60D9
>   Werner Koch (Release Signing Key)
> 
> You may retrieve these files from a keyserver using this command
> 
>   gpg --keyserver hkp://keys.gnupg.net --recv-keys  \
>                   249B39D24F25E3B6 04376F3EE0856959 \
>                   2071B08A33BD3F06 8A861B1C7EFD60D9
> 
> The keys are also available at https://gnupg.org/signature_key.html and
> in any recently released GnuPG tarball in the file g10/distsigkey.gpg .
> Note that this mail has been signed using by a different key.
> 
> 
> Internationalization
> ====================
> 
> This version of GnuPG has support for 26 languages with Chinese,
> Czech, French, German, Japanese, Russian, and Ukrainian being almost
> completely translated (2075 different strings).
> 
> 
> Documentation
> =============
> 
> If you used GnuPG in the past you should read the description of
> changes and new features at doc/whats-new-in-2.1.txt or online at
> 
>   https://gnupg.org/faq/whats-new-in-2.1.html
> 
> The file gnupg.info has the complete user manual of the system.
> Separate man pages are included as well but they have not all the
> details available as are the manual.  It is also possible to read the
> complete manual online in HTML format at
> 
>   https://gnupg.org/documentation/manuals/gnupg/
> 
> or in Portable Document Format at
> 
>   https://gnupg.org/documentation/manuals/gnupg.pdf .
> 
> The chapters on gpg-agent, gpg and gpgsm include information on how
> to set up the whole thing.  You may also want search the GnuPG mailing
> list archives or ask on the gnupg-users mailing lists for advise on
> how to solve problems.  Many of the new features are around for
> several years and thus enough public knowledge is already available.
> 
> You may also want to follow postings at https://gnupg.org/blob/.
> 
> 
> Support
> ========
> 
> Please consult the archive of the gnupg-users mailing list before
> reporting a bug <https://gnupg.org/documentation/mailing-lists.html>.
> We suggest to send bug reports for a new release to this list in favor
> of filing a bug at <https://bugs.gnupg.org>.  For commercial support
> requests we keep a list of known service companies at:
> 
>   https://gnupg.org/service.html
> 
> If you are a developer and you may need a certain feature for your
> project, please do not hesitate to bring it to the gnupg-devel mailing
> list for discussion.
> 
> 
> Thanks
> ======
> 
> We have to thank all the people who helped with this release, be it
> testing, coding, translating, suggesting, auditing, administering the
> servers, spreading the word, and answering questions on the mailing
> lists.  Maintenance and development of GnuPG is possible due to many
> individual and corporate donations; for a list of non-anonymous donors
> see <https://gnupg.org/donate/kudos.html>.
> 
> 
> For the GnuPG hackers,
> 
>    Werner
> 
> 
> p.s.
> This is a announcement only mailing list.  Please send replies only to
> the gnupg-users at gnupg.org mailing list.
> 
> -- 
> Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.



> _______________________________________________
> Gnupg-announce mailing list
> Gnupg-announce at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-announce

> _______________________________________________
> Gnupg-devel mailing list
> Gnupg-devel at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-devel



Folkert van Heusden

-- 
To MultiTail einai ena polymorfiko ergaleio gia ta logfiles kai tin
eksodo twn entolwn. Prosferei: filtrarisma, xrwmatismo, sygxwneysi,
diaforetikes provoles. http://www.vanheusden.com/multitail/
----------------------------------------------------------------------
Phone: +31-6-41278122, PGP-key: 1F28D8AE, www.vanheusden.com



More information about the Gnupg-users mailing list