Release Notes: With gpg-agent, by default users are now asked via the Pinentry whether they trust an X.509 root key. To prohibit interactive marking of such keys, the new option --no-allow-mark-trusted may be used. The command KEYINFO has options to add info from sshcontrol for gpg-agent. The included ssh agent now supports ECDSA keys. The new option --enable-putty-support allows gpg-agent to act on Windows as a Pageant replacement with full smartcard support. This release supports installation as a portable application under Windows.
Release Notes: Decryption using smartcards keys larger than 3072 now works. A new meta option ignore-invalid-option was introduced to allow using the same option file by other GnuPG versions. The hash algorithm is now printed for sig records in key listings. Invalid keyblock packets are now skipped during import to avoid a DoS. Ports from DNS SRV records are now correctly handled. Many further minor bugs were fixed.
Release Notes: The Yarom/Falkner flush+reload side-channel attack on RSA secret keys is now mitigated. IDEA was fixed for big-endian CPUs. The diagnostics for failed keyserver lookups were improved. Several further bugs and portability issues were fixed.
Release Notes: A corruption of the public keyring database on import of manipulated public keys was fixed. This issue was reported as CVE-2012-6085. Support for the old cipher algorithm IDEA was added. Small changes were made to increase compatibility with future OpenPGP and GnuPG features. Minor bugfixes were made.
Release Notes: A space-separated fingerprint is now accepted as a user ID, to ease copying and pasting. The longest key ID available is now used by default. Support for the original HKP keyserver has been dropped. The trustdb is now rebuilt after changing the option "--min-cert-level". The option "--cert-digest-algo" is now honored when creating a cert. Detection of JPEG files has been improved.