Mailing List Archive

[security] GPGME 1.5.1 and 1.4.4 released

I am pleased to announce version 1.5.1 of GPGME.

GnuPG Made Easy (GPGME) is a C language library that allows to add
support for cryptography to a program. It is designed to make access
to public key crypto engines as included in GnuPG easier for
applications. GPGME provides a high-level crypto API for encryption,
decryption, signing, signature verification, and key management.

This is a security fix release and it is suggested to update to this
version. Given that the 1.5 versions are quite new and implement
features which may raise problems with some software, I also released
version 1.4.4 with backported fixes.

* Noteworthy changes in version 1.5.1 (2014-07-30)

- Fixed possible overflow in gpgsm and uiserver engines.

- Added support for GnuPG 2.1's --with-secret option.

- Interface changes relative to the 1.5.0 release:

* Noteworthy changes in version 1.4.4 (2014-07-30)

- Fixed possible overflow in gpgsm and uiserver engines.

- Fixed possibled segv in gpgme_op_card_edit.

- Fixed minor memleaks and possible zombie processes.

- Fixed prototype inconsistencies and void pointer arithmetic.

* Download

You may download version 1.5.1 from: (943k)

You may download version 1.4.4 from: (936k)

SHA-1 checksums are:

a91c258e79acf30ec86a667e07f835e5e79342d8 gpgme-1.5.1.tar.bz2
1f9f668886c25467987a11c0d37c45e1ffe66b8e gpgme-1.4.4.tar.bz2

* Support

Please send questions regarding the use of GPGME to the gnupg-devel
mailing list:

If you need commercial support, you may want to consult this listing:

The driving force behind the development of the GnuPG system is my
company g10 Code. Maintenance and improvement of GnuPG and related
software takes up most of our resources. To allow us to continue our
work on free software, we ask to either purchase a support contract,
engage us for custom enhancements, or to donate money:



Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.