GnuPG 2.2.36 released

Konstantin Ryabitsev konstantin at linuxfoundation.org
Wed Jul 13 18:55:48 CEST 2022


On Wed, Jul 13, 2022 at 09:22:36AM -0400, Todd Zullinger via Gnupg-users wrote:
> > Maybe it helps to report the problem of missing crypto algorithms to your
> > GNU/Linux distribution.
> 
> They aren't really missing but rather intentionally removed
> due to legal issues on Fedora/Red Hat.  This came up not so
> long ago:
> 
>     https://lists.gnupg.org/pipermail/gnupg-users/2022-May/066054.html

Correct. RH considers Brainpool curves potentially patent-encumbered.

> With the current Fedora (36), it's possible to enable these
> ciphers via '--with brainpool' when building the libgcrypt
> srpm.
> 
> Hopefully the legal issues will be cleared sometime soon and
> Fedora will stop stripping brainpool.
> 
> It's frustrating that the releases are signed with a cipher
> that cannot be verified on a reasonably popular distro.

Indeed! For now, I worked around by verifying the signature on the swdb.lst
file on a system where I have gnupg22-static installed, so I was able to build
updated packages for my copr repos.

Thanks,
-Konstantin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20220713/2aaf44b2/attachment.sig>


More information about the Gnupg-users mailing list