Mailing List Archive

new gnupg snapshot
Hi!

I have just released a new snapshot of GnuPG with version 1.0.4g.
Please note that this is a development version and may contain
severe bugs. However, I believe it is already pretty stable. This
should be one of the last snapshots before the release of 1.0.5
which I expect to happen within this month.

So, if you want to try it out, wait a day and get it from one of the
mirrors (http://www.gnupg.org/mirrors.html) or get it know at

ftp://ftp/gnupg.org/gcrypt/devel/gnupg-1.0.4g.tar.gz (1.8M)
ftp://ftp/gnupg.org/gcrypt/devel/gnupg-1.0.4g.tar.gz.sig

or as a patch file against the previous snapshot:

ftp://ftp/gnupg.org/gcrypt/devel/gnupg-1.0.4f-1.0.4g.diff.gz (80k)

MD5 checksums are:

a8072de04dbe4306829c69f0d3abba9b gnupg-1.0.4g.tar.gz

02564d89a3b18ff217936136a5d6f793 gnupg-1.0.4f-1.0.4g.diff.gz

Here is a list of important changes since 1.0.4:

* WARNING: The semantics of --verify have changed to address a problem
with detached signature detection. --verify now ignores signed material
given on stdin unless this is requested by using a "-" as the name for
the file with the signed material.

! Please check all your detached signature handling applications !
! and make sure that they don't pipe the signed material to stdin !
! without using a filename and "-" on the the command line. !

* Secret keys are no longer imported unless you use the new option
--allow-secret-key-import.

* There is now a notation of a primary user ID. For example this one is
printed with a signature verifaction as the first user ID, revoked user
IDs are not printed there anymore. I general the primary user ID is the
one with the latest self-signature.

* The verification status of self-signatures are now cached. To increase
the speed of key list operations for existing keys you can do the
following in yout GnuPG homedir (~/.gnupg):
$ cp pubring.gpg pubring.gpg.save
$ gpg --export-all >x
$ rm pubring.gpg
$ gpg --import x
Note, that only v4 keys (i.e no old RSA keys) benefit from this caching.

* Support for the gpg-agent from gpg 1.1 and other changes needed by
gpgme.

* Better LFS support.

* New option --ignore-crc-error

* Keyserver support for the W32 version.

* Corrected hash calculation for some inputs greater than 512M - it
was just wrong, so you might notice bad signature in some very
big files. It may be wise to keep an old copy of GnuPG around.


Have fun and please report bugs to gnupg-devel@gnupg.org.

Ciao,

Werner

--
Werner Koch Omnis enim res, quae dando non deficit, dum habetur
g10 Code et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions -- Augustinus
New GnuPG snapshot [ In reply to ]
Hi!

I have just released a new snapshot of GnuPG. This should be the
last one before the release of 1.0.5 which will be done RSN. I have
just wait for some translations to get finished.

If you want to have a look at this snapshot, get it from:

ftp://ftp.gnupg.org/gcrypt/devel/gnupg-1.0.4h.tar.gz (1906k)
ftp://ftp.gnupg.org/gcrypt/devel/gnupg-1.0.4h.tar.gz.sig

or get the diff file against the last snapshot:

ftp://ftp.gnupg.org/gcrypt/devel/gnupg-1.0.4g-1.0.4h.diff.gz (98k)

If you wait until tomorrow, most mirrors should have catched up.
The list of mirrors is available at http://www.gnupg.org/mirrors.html.

MD5 checksums of the above files are:

b0e53b13c8ce7e9e227cec6442a17023 gnupg-1.0.4h.tar.gz
a496b100afcd2f3aea0380b1fcaea54e gnupg-1.0.4g-1.0.4h.diff.gz

Please note that the old address ftp.guug.de has been replaced by
ftp.gnupg.org. However, the German Unix User Group is still
supporting this project by donating the new machine and paying for
the traffic.

Have fun,

Werner


--
Werner Koch Omnis enim res, quae dando non deficit, dum habetur
g10 Code GmbH et non datur, nondum habetur, quomodo habenda est.
Privacy Solutions -- Augustinus