Release Notes: The user session daemon "gpg-agent" was implemented as the central place to maintain private keys and to cache passphrases. The application "gpgsm" was added as an implementation of the X.509 and CMS standards and the cryptographic core of the S/MIME protocol, helping to add S/MIME to applications currently supporting OpenPGP. Several other tools and daemons were added, such as "scdaemon" (for smart cards), "gpg-connect-agent", and "gpgconf". Support for the Secure Shell Agent protocol was added, allowing gpg-agent to be used as a full replacement for ssh-agent.
Release Notes: A serious and exploitable bug in processing encrypted packages, as reported in CVE-2006-6235, was fixed. A buffer overflow as reported in CVE-2006-6169 was fixed. A bug while decrypting certain compressed and encrypted messages was fixed. The option --s2k-count was added to set the number of times passphrase mangling is repeated. The option --passphrase-repeat was added to set the number of times to prompt for a new passphrase to be repeated. The license was adjusted with regards to helper programs indirectly linked to OpenSSL.
Release Notes: Two more possible memory allocation attacks, allowing denial of service attacks and possibly remote code execution, were fixed. More DSA2 tweaks were implemented. A Norwegian translation was added.
Release Notes: User IDs are now capped at 2048 bytes to avoid memory allocation attacks (as reported in CVE-2006-3082). Support for the SHA-224 hash has been added for better DSS compatibility. Support for the latest update to DSA keys and signatures has been added, allowing for larger keys than 1024 bits and hashes other than SHA-1 and RIPEMD/160.
Release Notes: Support for cURL based keyserver helpers was added. Public Key Association (PKA) signature verification was implemented. The "gpg-zip" program, to interact with PGP Zip files, was added. A new "minimize" command was added. A new "fetch-keys" command for retrieving keys from an HTTP, finger, or cURL supported URI was added. Support for fetching keys from DNS CERT records according to RFC2538bis was added.
Release Notes: Countermeasures against the Mister/Zuccherato CFB attack were added. Several card related options were added and bugs were fixed. A new experimental HTTP, HTTPS, FTP, and FTPS keyserver helper as well as an HKP keyserver using the cURL library were added. Options were added to control the import and export of unusable signatures, and for cleaning signatures from a key.
Release Notes: This release was ported to MS Windows. There were bugfixes and code cleanups.
Release Notes: This version includes many feature enhancements, bugfixes, code cleanups, documentation updates, and language translations. Feature enhancements include, but are not limited to, support for SHA256, SHA384, SHA512, BZip2 compression, plug-ins, key-fetching via HTTP and Finger, IPv6 for network connections to keyservers, optional PGP 7/ 8 key trust model, OpenPGP Smartcards, SELinux, and readline on prompts. Anything in GnuPG that is not in the new OpenPGP standard has been deprecated or removed.
Release Notes: Numerous major bugfixes.
Release Notes: This version updates Gettext, fixes a race condition, includes performance improvements for large keyrings, adds portability fixes, and includes extra command-line controls for controlling certificates and output.