home.social
Sign in Create account

#endtoendcrypto — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #endtoendcrypto, aggregated by home.social.

  1. GnuPG @[email protected] ·

    When looking at the changes towards the new 2.5.19 version of #GnuPG, there are many small things; like a way to use OCB for symmetric-only encryption, a few defect fixes and improvements.

    Not that exciting, but maintenance of the well known #LibrePGP, OpenPGPv4 and CMS capable crypto engine.... you may want to know anyhow. ;)

    lists.gnupg.org/pipermail/gnup
    dev.gnupg.org/T7998

    #GnuPG #EndtoEndCrypto #FreeSoftware

    #gnupg #librepgp #endtoendcrypto #freesoftware
  2. GnuPG @[email protected] ·

    Dear GnuPG packagers and builders, please upgrade libgcrypt to v1.12.2 to remove a denial of service vulnerability (estimated CVSS 3.1: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H -- 7.5 (HIGH)) Releases of other stable versions of libgcrypt are available as well.

    (GnuPG versions >= 2.5.7 are not affected due to the use of a different encryption API.)

    See lists.gnupg.org/pipermail/gnup for details.

    #GnuPG #EndtoEndCrypto #FreeSoftware #LibrePGP

    #gnupg #endtoendcrypto #freesoftware #librepgp
  3. GnuPG @[email protected] ·

    Details about the (ongoing) response to gpg.fail/ from GnuPG's side:

    * gnupg.org/blog/20251226-cleart
    * dev.gnupg.org/T7906 Memory Corruption in ASCII-Armor Parsing
    * dev.gnupg.org/T7900 (overview)

    Please upgrade to GnuPG 2.5.16, 2.4.9 or #Gpg4win 5.0.0-beta479 which already have the fix for what (currently) is seen to be the only major defect: T7906.

    (Researchers - Thanks! - found defects in GnuPG, Sequoia-PG, Minisign and age.)

    #EndtoEndCrypto #LibrePGP #GnuPG #Security

    #gpg4win #endtoendcrypto #librepgp #gnupg #security
  4. GnuPG @[email protected] ·

    If you are using the PDF viewer #Okular_from #Gpg4win, please upgrade to version 4.4.1 as this version fixes a severe vulnerability in the freetype library.

    :download: gpg4win.org/download.html

    Vulnerability details:
    euvd.enisa.europa.eu/enisa/EUV 🛡️

    There are other good things in Gpg4win 4.4.1, for example
    * improvements in the Outlook Add-in (GpgOL)
    * a better Kleopatra
    * GnuPG upgraded to v2.4.8

    #GnuPG #EndtoEndCrypto #FreeSoftware

    #gpg4win #gnupg #endtoendcrypto #freesoftware #okular_from
  5. GnuPG @[email protected] ·

    Better handling of certificates and public keys
    with #Gpg4win v4.4.0's improved crypto manager _Kleopatra_.

    It also comes with #GnuPG v2.4.7 for Windows. Workflows that profit from several signatures on a file
    profit as well.

    gpg4win.org/version4.4.html <-- see what else is new.

    #LibrePGP #OpenPGPv4 #EndtoEndCrypto #FreeSoftware

    #gpg4win #gnupg #librepgp #openpgpv4 #endtoendcrypto #freesoftware
  6. GnuPG @[email protected] ·

    #Gpg4win v4.3.0 <- freshly announced.

    New is that encrypted files with email structure from disk can be shown.

    Kleopatra and the Outlook Add-in gain features and resilience for less common situations (like Apple mail attachments or unreliable S/MIME CRLs).

    Includes #GnuPG v2.4.4 and its many improvements.

    lists.wald.intevation.org/pipe

    #Endtoendcrypto #FreeSoftware

    #freesoftware #endtoendcrypto #gnupg #gpg4win