GnuPG 2.2.28 (LTS) がリリースされた

30 years after #PGP 1.0 we are proud to announce a new GnuPG LTS release: 2.2.28: https://t.co/5YWuC6wrDH

— GNU Privacy Guard (@gnupg) June 10, 2021

• gpg: Auto import keys specified with --trusted-keys. [e7251be84c79]
• gpg: Allow decryption w/o public key but with correct card inserted. [e53f6037283e]
• gpg: Allow fingerprint based lookup with --locate-external-key. [2af217ecd7e4]
• gpg: Lookup a missing public key of the current card via LDAP. [b59af0e2a05a]
• gpg: New option --force-sign-key. [#4584]
• gpg: Use a more descriptive password prompt for symmetric decryption. [03f83bcda5d1]
• gpg: Do not use the self-sigs-only option for LDAP keyserver imports. [#5387]
• gpg: Keep temp files when opening images via xdg-open. [0441ed6e1c]
• gpg: Fix mailbox based search via AKL keyserver method. [22fe23f46d31]
• gpg: Fix sending an OpenPGP key with umlaut to an LDAP keyserver. [7bf8530e75d0]
• gpg: Allow ECDH with a smartcard returning only the x-coordinate. [b203325ce1]
• gpgsm: New option --ldapserver as an alias for --keyserver. Note that configuring servers in gpgsm and gpg is deprecated; please use the dirmngr configuration options.
• gpgsm: Support AES-GCM decryption. [b722fd755c77]
• gpgsm: Support decryption of password protected files. [6f31acac767f]
• gpgsm: Lock keyboxes also during a search to fix lockups on Windows. [#4505]
• agent: Skip unknown unknown ssh curves seen on cards. [bbf4bd3bfcb5]
• scdaemon: New option --pcsc-shared. [5eec40f3d827]
• scdaemon: Backport PKCS#15 card support from GnuPG 2.3 [7637d39fe20e]
• scdaemon: Fix CCID driver for SCM SPR332/SPR532. [#5297]
• scdaemon: Fix possible PC/SC removed card problem. [9d83bfb63968]
• scdaemon: Fix unblock PIN by a Reset Code with KDF. [#5413]
• scdaemon: Support compressed points. [96577e2e46e4]
• scdaemon: Prettify S/N for Yubikeys and fix reading for early Yubikey 5 tokens. [f8588369bcb0,#5442]
• dirmngr: New option --ldapserver to avoid the need for the separate dirmngr_ldapservers.conf file.
• dirmngr: The dirmngr_ldap wrapper has been rewritten to properly support ldap-over-tls and starttls for X.509 certificates and CRLs. [39815c023f03]
• dirmngr: OpenPGP LDAP keyservers may now also be configured using the same syntax as used for X.509 and CRL LDAP servers. This avoids the former cumbersome quoting rules and adds a flexible set of flags to control the connection. [2b4cddf9086f]
• dirmngr: The “ldaps” scheme of an OpenPGP keyserver URL is now interpreted as ldap-with-starttls on port 389. To use the non-standardized ldap-over-tls the new LDAP configuration method of the new attribute “gpgNtds” needs to be used. [55f46b33df08]
• dirmngr: Return the fingerprint as search result also for LDAP OpenPGP keyservers. This requires the modernized LDAP schema. [#5441]
• dirmngr: An OpenPGP LDAP search by a mailbox now ignores revoked keys. [b6f8cd7eef4b]
• gpgconf: Make runtime changes with non-default homedir work. [c8f0b02936c7]
• gpgconf: Do not translate an empty string to the PO file’s meta data. [#5363]
• gpgconf: Fix argv overflow if --homedir is used. [#5366]
• gpgconf: Return a new pseudo option “compliance_de_vs”. [9feffc03f364]
• gpgtar: Fix file size computation under Windows. [198b240b1955]
• Full Unicode support for the Windows command line. [#4398]
• Fix problem with Windows Job objects and auto start of our daemons. [#4333]
• i18n: In German always use “Passwort” instead of “Passphrase” in prompts.

Release-info: https://dev.gnupg.org/T5482