[Announce] GnuPG 2.1.17 released

Daniel Baur mls at dabpunkt.eu
Tue Dec 20 16:21:37 CET 2016

Am 20.12.2016 um 13:46 schrieb Christoph Moench-Tegeder:
> SHA1 (gnupg-2.1.17.tar.bz2) = d83ab893faab35f37ace772ca29b939e6a5aa6a7
> SHA1 (gnupg-2.1.17.tar.bz2.sig) = 34cea3e6d139cb340bf14f04ff217cb6960cf36d
> Or is that just me and a local issue?

it works for me (see below), but the sig-file I downloaded has another
hash (dfdfe72c4dd7e10bef283d25fa365cfa022305de) than yours, so maybe
there was an issue and it is fixed already?


PS: What’s “public key algorithm 22”?

-- snip ---

16:15:39dab at dabpc:/tmp$ LC_ALL=C gpg2 -v gnupg-2.1.17.tar.bz2.sig
:signature packet: algo 1, keyid 249B39D24F25E3B6
        version 4, created 1482242390, md5len 0, sigclass 0x00
        digest algo 8, begin of digest d8 f7
        hashed subpkt 33 len 21 (?)
        hashed subpkt 2 len 4 (sig created 2016-12-20)
        subpkt 16 len 8 (issuer key ID 249B39D24F25E3B6)
        data: [2046 bits]
gpg: assuming signed data in 'gnupg-2.1.17.tar.bz2'
gpg: Signature made Tue Dec 20 14:59:50 2016 CET
gpg:                using RSA key 0x249B39D24F25E3B6
gpg: can't handle public key algorithm 22
gpg: using PGP trust model
gpg: key 0x2D3EE2D42B255885: accepted as trusted key
gpg: Good signature from "Werner Koch (dist sig)" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the
Primary key fingerprint: D869 2123 C406 5DEA 5E0F  3AB5 249B 39D2 4F25 E3B6
gpg: binary signature, digest algorithm SHA256

-- snap ---

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 880 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20161220/50116325/attachment.sig>

More information about the Gnupg-users mailing list