Release Notes: A serious and exploitable bug in processing encrypted packages, as reported in CVE-2006-6235, was fixed. A buffer overflow as reported in CVE-2006-6169 was fixed. A bug while decrypting certain compressed and encrypted messages was fixed. The option --s2k-count was added to set the number of times passphrase mangling is repeated. The option --passphrase-repeat was added to set the number of times to prompt for a new passphrase to be repeated. The license was adjusted with regards to helper programs indirectly linked to OpenSSL.
Release Notes: A corruption of the public keyring database on import of manipulated public keys was fixed. This issue was reported as CVE-2012-6085. Support for the old cipher algorithm IDEA was added. Small changes were made to increase compatibility with future OpenPGP and GnuPG features. Minor bugfixes were made.
Release Notes: A space-separated fingerprint is now accepted as a user ID, to ease copying and pasting. The longest key ID available is now used by default. Support for the original HKP keyserver has been dropped. The trustdb is now rebuilt after changing the option "--min-cert-level". The option "--cert-digest-algo" is now honored when creating a cert. Detection of JPEG files has been improved.
Release Notes: A space separated fingerprint is now accepted as a user ID. This allows you to copy and paste the fingerprint from the key listing. Support for the original HKP keyserver was removed. The trustdb is now rebuilt after changing the option --min-cert-level. JPEG detection was improved. More VMS patches are now included. File locking was made more portable. The 32-bit variant of the mingw-w64 toolchain is now supported. Minor bugs were fixed.
Release Notes: Compatibility with newer versions of libgcrypt was restored. dirmngr/gpgsm interaction was improved for OCSP. Card keys can now be generated up to 4096 bits. The SSH confirm flag is now supported, and SSH fingerprints are shown in SSH related pinentries.
Release Notes: More hash algorithms are now possible with the OpenPGP v2 card. gpg-agent now tests for a new gpg-agent.conf configuration file on a SIGHUP. The output of "gpgconf --check-options" was fixed. A bug where scdaemon sends a signal to gpg-agent running in non-daemon mode was fixed. TTY management for pinentries and a session variable update problem were fixed. Further minor bugfixes were made.