home.social

#endtoendcrypto — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #endtoendcrypto, aggregated by home.social.

  1. When looking at the changes towards the new 2.5.19 version of #GnuPG, there are many small things; like a way to use OCB for symmetric-only encryption, a few defect fixes and improvements.

    Not that exciting, but maintenance of the well known #LibrePGP, OpenPGPv4 and CMS capable crypto engine.... you may want to know anyhow. ;)

    lists.gnupg.org/pipermail/gnup
    dev.gnupg.org/T7998

    #GnuPG #EndtoEndCrypto #FreeSoftware

  2. When looking at the changes towards the new 2.5.19 version of , there are many small things; like a way to use OCB for symmetric-only encryption, a few defect fixes and improvements.

    Not that exciting, but maintenance of the well known , OpenPGPv4 and CMS capable crypto engine.... you may want to know anyhow. ;)

    lists.gnupg.org/pipermail/gnup
    dev.gnupg.org/T7998

  3. When looking at the changes towards the new 2.5.19 version of #GnuPG, there are many small things; like a way to use OCB for symmetric-only encryption, a few defect fixes and improvements.

    Not that exciting, but maintenance of the well known #LibrePGP, OpenPGPv4 and CMS capable crypto engine.... you may want to know anyhow. ;)

    lists.gnupg.org/pipermail/gnup
    dev.gnupg.org/T7998

    #GnuPG #EndtoEndCrypto #FreeSoftware

  4. When looking at the changes towards the new 2.5.19 version of #GnuPG, there are many small things; like a way to use OCB for symmetric-only encryption, a few defect fixes and improvements.

    Not that exciting, but maintenance of the well known #LibrePGP, OpenPGPv4 and CMS capable crypto engine.... you may want to know anyhow. ;)

    lists.gnupg.org/pipermail/gnup
    dev.gnupg.org/T7998

    #GnuPG #EndtoEndCrypto #FreeSoftware

  5. When looking at the changes towards the new 2.5.19 version of #GnuPG, there are many small things; like a way to use OCB for symmetric-only encryption, a few defect fixes and improvements.

    Not that exciting, but maintenance of the well known #LibrePGP, OpenPGPv4 and CMS capable crypto engine.... you may want to know anyhow. ;)

    lists.gnupg.org/pipermail/gnup
    dev.gnupg.org/T7998

    #GnuPG #EndtoEndCrypto #FreeSoftware

  6. Dear GnuPG packagers and builders, please upgrade libgcrypt to v1.12.2 to remove a denial of service vulnerability (estimated CVSS 3.1: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H -- 7.5 (HIGH)) Releases of other stable versions of libgcrypt are available as well.

    (GnuPG versions >= 2.5.7 are not affected due to the use of a different encryption API.)

    See lists.gnupg.org/pipermail/gnup for details.

    #GnuPG #EndtoEndCrypto #FreeSoftware #LibrePGP

  7. Dear GnuPG packagers and builders, please upgrade libgcrypt to v1.12.2 to remove a denial of service vulnerability (estimated CVSS 3.1: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H -- 7.5 (HIGH)) Releases of other stable versions of libgcrypt are available as well.

    (GnuPG versions >= 2.5.7 are not affected due to the use of a different encryption API.)

    See lists.gnupg.org/pipermail/gnup for details.

  8. Dear GnuPG packagers and builders, please upgrade libgcrypt to v1.12.2 to remove a denial of service vulnerability (estimated CVSS 3.1: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H -- 7.5 (HIGH)) Releases of other stable versions of libgcrypt are available as well.

    (GnuPG versions >= 2.5.7 are not affected due to the use of a different encryption API.)

    See lists.gnupg.org/pipermail/gnup for details.

    #GnuPG #EndtoEndCrypto #FreeSoftware #LibrePGP

  9. Dear GnuPG packagers and builders, please upgrade libgcrypt to v1.12.2 to remove a denial of service vulnerability (estimated CVSS 3.1: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H -- 7.5 (HIGH)) Releases of other stable versions of libgcrypt are available as well.

    (GnuPG versions >= 2.5.7 are not affected due to the use of a different encryption API.)

    See lists.gnupg.org/pipermail/gnup for details.

    #GnuPG #EndtoEndCrypto #FreeSoftware #LibrePGP

  10. Dear GnuPG packagers and builders, please upgrade libgcrypt to v1.12.2 to remove a denial of service vulnerability (estimated CVSS 3.1: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H -- 7.5 (HIGH)) Releases of other stable versions of libgcrypt are available as well.

    (GnuPG versions >= 2.5.7 are not affected due to the use of a different encryption API.)

    See lists.gnupg.org/pipermail/gnup for details.

    #GnuPG #EndtoEndCrypto #FreeSoftware #LibrePGP

  11. Details about the (ongoing) response to gpg.fail/ from GnuPG's side:

    * gnupg.org/blog/20251226-cleart
    * dev.gnupg.org/T7906 Memory Corruption in ASCII-Armor Parsing
    * dev.gnupg.org/T7900 (overview)

    Please upgrade to GnuPG 2.5.16, 2.4.9 or #Gpg4win 5.0.0-beta479 which already have the fix for what (currently) is seen to be the only major defect: T7906.

    (Researchers - Thanks! - found defects in GnuPG, Sequoia-PG, Minisign and age.)

    #EndtoEndCrypto #LibrePGP #GnuPG #Security

  12. Details about the (ongoing) response to gpg.fail/ from GnuPG's side:

    * gnupg.org/blog/20251226-cleart
    * dev.gnupg.org/T7906 Memory Corruption in ASCII-Armor Parsing
    * dev.gnupg.org/T7900 (overview)

    Please upgrade to GnuPG 2.5.16, 2.4.9 or 5.0.0-beta479 which already have the fix for what (currently) is seen to be the only major defect: T7906.

    (Researchers - Thanks! - found defects in GnuPG, Sequoia-PG, Minisign and age.)

  13. Details about the (ongoing) response to gpg.fail/ from GnuPG's side:

    * gnupg.org/blog/20251226-cleart
    * dev.gnupg.org/T7906 Memory Corruption in ASCII-Armor Parsing
    * dev.gnupg.org/T7900 (overview)

    Please upgrade to GnuPG 2.5.16, 2.4.9 or #Gpg4win 5.0.0-beta479 which already have the fix for what (currently) is seen to be the only major defect: T7906.

    (Researchers - Thanks! - found defects in GnuPG, Sequoia-PG, Minisign and age.)

    #EndtoEndCrypto #LibrePGP #GnuPG #Security

  14. Details about the (ongoing) response to gpg.fail/ from GnuPG's side:

    * gnupg.org/blog/20251226-cleart
    * dev.gnupg.org/T7906 Memory Corruption in ASCII-Armor Parsing
    * dev.gnupg.org/T7900 (overview)

    Please upgrade to GnuPG 2.5.16, 2.4.9 or #Gpg4win 5.0.0-beta479 which already have the fix for what (currently) is seen to be the only major defect: T7906.

    (Researchers - Thanks! - found defects in GnuPG, Sequoia-PG, Minisign and age.)

    #EndtoEndCrypto #LibrePGP #GnuPG #Security

  15. Details about the (ongoing) response to gpg.fail/ from GnuPG's side:

    * gnupg.org/blog/20251226-cleart
    * dev.gnupg.org/T7906 Memory Corruption in ASCII-Armor Parsing
    * dev.gnupg.org/T7900 (overview)

    Please upgrade to GnuPG 2.5.16, 2.4.9 or #Gpg4win 5.0.0-beta479 which already have the fix for what (currently) is seen to be the only major defect: T7906.

    (Researchers - Thanks! - found defects in GnuPG, Sequoia-PG, Minisign and age.)

    #EndtoEndCrypto #LibrePGP #GnuPG #Security

  16. #GnuPG v2.5.14 is here to try.

    A no-brainer upgrade for those who use the 2.5 series already. You'd get some defects fixed and a new secret key export-import for the Post quantum cryptography (#PQC) algorithm "Kyber". RCF8332 for ssh is now supported.

    For others: the 2.5 series is good for Windows 64 and PQC. #LibrePGP #OpenPGPv4 #EndtoEndCrypto

    lists.gnupg.org/pipermail/gnup

  17. v2.5.14 is here to try.

    A no-brainer upgrade for those who use the 2.5 series already. You'd get some defects fixed and a new secret key export-import for the Post quantum cryptography () algorithm "Kyber". RCF8332 for ssh is now supported.

    For others: the 2.5 series is good for Windows 64 and PQC.

    lists.gnupg.org/pipermail/gnup

  18. #GnuPG v2.5.14 is here to try.

    A no-brainer upgrade for those who use the 2.5 series already. You'd get some defects fixed and a new secret key export-import for the Post quantum cryptography (#PQC) algorithm "Kyber". RCF8332 for ssh is now supported.

    For others: the 2.5 series is good for Windows 64 and PQC. #LibrePGP #OpenPGPv4 #EndtoEndCrypto

    lists.gnupg.org/pipermail/gnup

  19. #GnuPG v2.5.14 is here to try.

    A no-brainer upgrade for those who use the 2.5 series already. You'd get some defects fixed and a new secret key export-import for the Post quantum cryptography (#PQC) algorithm "Kyber". RCF8332 for ssh is now supported.

    For others: the 2.5 series is good for Windows 64 and PQC. #LibrePGP #OpenPGPv4 #EndtoEndCrypto

    lists.gnupg.org/pipermail/gnup

  20. #GnuPG v2.5.14 is here to try.

    A no-brainer upgrade for those who use the 2.5 series already. You'd get some defects fixed and a new secret key export-import for the Post quantum cryptography (#PQC) algorithm "Kyber". RCF8332 for ssh is now supported.

    For others: the 2.5 series is good for Windows 64 and PQC. #LibrePGP #OpenPGPv4 #EndtoEndCrypto

    lists.gnupg.org/pipermail/gnup

  21. @fdroidorg @Tutanota the original claim was protecting data and notification patterns. So that Google and Apple cannot see them. IMAPS and SMTPS is enough for this, only the network operators and the server operators can then see notifications and the data.

    If you want to do more, a standardized #endtoendcrypto solution for email is a good next step. Coming with some work. Like using OpenPGPv4/MIME (or LibrePGP/MIME, S/MIME). That protects even against the server provider to some extend.

  22. @DD9JN ... and #GnuPG v2.5.13 is a production ready version with improvements for PQC encryption and Windows.

    This version comes with a few smaller security improvements over the previous release, and reduces problems if several applications use GnuPG as crypto engine in the background.

    #OpenPGPv4 #LibrePGP #EndtoEndCrypto #FreeSoftware

  23. @DD9JN ... and v2.5.13 is a production ready version with improvements for PQC encryption and Windows.

    This version comes with a few smaller security improvements over the previous release, and reduces problems if several applications use GnuPG as crypto engine in the background.

  24. @DD9JN ... and #GnuPG v2.5.13 is a production ready version with improvements for PQC encryption and Windows.

    This version comes with a few smaller security improvements over the previous release, and reduces problems if several applications use GnuPG as crypto engine in the background.

    #OpenPGPv4 #LibrePGP #EndtoEndCrypto #FreeSoftware

  25. @DD9JN ... and #GnuPG v2.5.13 is a production ready version with improvements for PQC encryption and Windows.

    This version comes with a few smaller security improvements over the previous release, and reduces problems if several applications use GnuPG as crypto engine in the background.

    #OpenPGPv4 #LibrePGP #EndtoEndCrypto #FreeSoftware

  26. @DD9JN ... and #GnuPG v2.5.13 is a production ready version with improvements for PQC encryption and Windows.

    This version comes with a few smaller security improvements over the previous release, and reduces problems if several applications use GnuPG as crypto engine in the background.

    #OpenPGPv4 #LibrePGP #EndtoEndCrypto #FreeSoftware

  27. Back from the summer, #GnuPG 2.5.12 is now ready for production usage.
    And this includes the post-quantum cryptography encryption (#PQC) support which is the main feature of the 2.5 series. (Okay, there is also better support for 64bit Windows.)

    So give it a spin or point your favourite GNU/Linux distribution to it for packaging.

    lists.gnupg.org/pipermail/gnup

    #EndtoEndCrypto #LibrePGP #OpenPGPv4
    #FreeSoftware

  28. Back from the summer, 2.5.12 is now ready for production usage.
    And this includes the post-quantum cryptography encryption () support which is the main feature of the 2.5 series. (Okay, there is also better support for 64bit Windows.)

    So give it a spin or point your favourite GNU/Linux distribution to it for packaging.

    lists.gnupg.org/pipermail/gnup


  29. Back from the summer, #GnuPG 2.5.12 is now ready for production usage.
    And this includes the post-quantum cryptography encryption (#PQC) support which is the main feature of the 2.5 series. (Okay, there is also better support for 64bit Windows.)

    So give it a spin or point your favourite GNU/Linux distribution to it for packaging.

    lists.gnupg.org/pipermail/gnup

    #EndtoEndCrypto #LibrePGP #OpenPGPv4
    #FreeSoftware

  30. Back from the summer, #GnuPG 2.5.12 is now ready for production usage.
    And this includes the post-quantum cryptography encryption (#PQC) support which is the main feature of the 2.5 series. (Okay, there is also better support for 64bit Windows.)

    So give it a spin or point your favourite GNU/Linux distribution to it for packaging.

    lists.gnupg.org/pipermail/gnup

    #EndtoEndCrypto #LibrePGP #OpenPGPv4
    #FreeSoftware

  31. Back from the summer, #GnuPG 2.5.12 is now ready for production usage.
    And this includes the post-quantum cryptography encryption (#PQC) support which is the main feature of the 2.5 series. (Okay, there is also better support for 64bit Windows.)

    So give it a spin or point your favourite GNU/Linux distribution to it for packaging.

    lists.gnupg.org/pipermail/gnup

    #EndtoEndCrypto #LibrePGP #OpenPGPv4
    #FreeSoftware

  32. According to @ct_Magazin and the press release merlinux.eu/press/2025-05-14-r Russia sues the German company merlinux GmbH over Delta Chat, an email and #OpenPGP based #Endtoendcrypto messenger.

  33. #GnuPG's "public testing release series" has a new version 2.5.7.

    lists.gnupg.org/pipermail/gnup

    Remember:

    * It is for you, if you want to test the new
    post-quantum cryptography (PQC) features
    or the 64 Bit Windows support.

    * The series features Kyber (FIPS-203) as PQC encryption algorithm.

    A new Gpg4win 5 Beta is forthcoming in the next days.

    Technical details: dev.gnupg.org/T7671

    #LibrePGP #OpenPGPv4 #EndtoEndCrypto

  34. 's "public testing release series" has a new version 2.5.7.

    lists.gnupg.org/pipermail/gnup

    Remember:

    * It is for you, if you want to test the new
    post-quantum cryptography (PQC) features
    or the 64 Bit Windows support.

    * The series features Kyber (FIPS-203) as PQC encryption algorithm.

    A new Gpg4win 5 Beta is forthcoming in the next days.

    Technical details: dev.gnupg.org/T7671

  35. #GnuPG's "public testing release series" has a new version 2.5.7.

    lists.gnupg.org/pipermail/gnup

    Remember:

    * It is for you, if you want to test the new
    post-quantum cryptography (PQC) features
    or the 64 Bit Windows support.

    * The series features Kyber (FIPS-203) as PQC encryption algorithm.

    A new Gpg4win 5 Beta is forthcoming in the next days.

    Technical details: dev.gnupg.org/T7671

    #LibrePGP #OpenPGPv4 #EndtoEndCrypto

  36. #GnuPG's "public testing release series" has a new version 2.5.7.

    lists.gnupg.org/pipermail/gnup

    Remember:

    * It is for you, if you want to test the new
    post-quantum cryptography (PQC) features
    or the 64 Bit Windows support.

    * The series features Kyber (FIPS-203) as PQC encryption algorithm.

    A new Gpg4win 5 Beta is forthcoming in the next days.

    Technical details: dev.gnupg.org/T7671

    #LibrePGP #OpenPGPv4 #EndtoEndCrypto

  37. #GnuPG's "public testing release series" has a new version 2.5.7.

    lists.gnupg.org/pipermail/gnup

    Remember:

    * It is for you, if you want to test the new
    post-quantum cryptography (PQC) features
    or the 64 Bit Windows support.

    * The series features Kyber (FIPS-203) as PQC encryption algorithm.

    A new Gpg4win 5 Beta is forthcoming in the next days.

    Technical details: dev.gnupg.org/T7671

    #LibrePGP #OpenPGPv4 #EndtoEndCrypto

  38. If you are using the PDF viewer #Okular_from #Gpg4win, please upgrade to version 4.4.1 as this version fixes a severe vulnerability in the freetype library.

    :download: gpg4win.org/download.html

    Vulnerability details:
    euvd.enisa.europa.eu/enisa/EUV 🛡️

    There are other good things in Gpg4win 4.4.1, for example
    * improvements in the Outlook Add-in (GpgOL)
    * a better Kleopatra
    * GnuPG upgraded to v2.4.8

    #GnuPG #EndtoEndCrypto #FreeSoftware

  39. Better handling of certificates and public keys
    with #Gpg4win v4.4.0's improved crypto manager _Kleopatra_.

    It also comes with #GnuPG v2.4.7 for Windows. Workflows that profit from several signatures on a file
    profit as well.

    gpg4win.org/version4.4.html <-- see what else is new.

    #LibrePGP #OpenPGPv4 #EndtoEndCrypto #FreeSoftware

  40. Better handling of certificates and public keys
    with v4.4.0's improved crypto manager _Kleopatra_.

    It also comes with v2.4.7 for Windows. Workflows that profit from several signatures on a file
    profit as well.

    gpg4win.org/version4.4.html <-- see what else is new.

  41. Better handling of certificates and public keys
    with #Gpg4win v4.4.0's improved crypto manager _Kleopatra_.

    It also comes with #GnuPG v2.4.7 for Windows. Workflows that profit from several signatures on a file
    profit as well.

    gpg4win.org/version4.4.html <-- see what else is new.

    #LibrePGP #OpenPGPv4 #EndtoEndCrypto #FreeSoftware

  42. Better handling of certificates and public keys
    with #Gpg4win v4.4.0's improved crypto manager _Kleopatra_.

    It also comes with #GnuPG v2.4.7 for Windows. Workflows that profit from several signatures on a file
    profit as well.

    gpg4win.org/version4.4.html <-- see what else is new.

    #LibrePGP #OpenPGPv4 #EndtoEndCrypto #FreeSoftware

  43. Better handling of certificates and public keys
    with #Gpg4win v4.4.0's improved crypto manager _Kleopatra_.

    It also comes with #GnuPG v2.4.7 for Windows. Workflows that profit from several signatures on a file
    profit as well.

    gpg4win.org/version4.4.html <-- see what else is new.

    #LibrePGP #OpenPGPv4 #EndtoEndCrypto #FreeSoftware

  44. @DD9JN
    #GnuPG 2.4.5 comes with a number of improvements,
    that look small at first sight, but can be decisive
    if you have the use case. Like one additional NFC reader (ACR-122U)
    and one ECC card from D-Trust are supported. Or getting pubkeys
    from behind a proxy is fixed. Details: dev.gnupg.org/T6960
    MacOS build: lists.gnupg.org/pipermail/gnup
    #endtoendcrypto #FreeSoftware

  45. #Gpg4win v4.3.0 <- freshly announced.

    New is that encrypted files with email structure from disk can be shown.

    Kleopatra and the Outlook Add-in gain features and resilience for less common situations (like Apple mail attachments or unreliable S/MIME CRLs).

    Includes #GnuPG v2.4.4 and its many improvements.

    lists.wald.intevation.org/pipe

    #Endtoendcrypto #FreeSoftware

  46. Look at gpg4win.org/version4.2.html to see why freshly released #Gpg4win 4.2.0 makes a difference: Includes an experimental, lightweight PDF reader geared towards secure environments.(To use the validation and signing abilities of the included PDF Reader #Okular by #KDE today, you'd probably need to be an expert to configure the certs. Usability is planned to improve with later releases). Gpg4win is faster for large files and with many public keys. #GnuPG 2.4.3 included. #EndtoEndCrypto #OpenPGP

  47. Looking into #GnuPG 2.4.3, which is available now: It is a typical small point release which fixes some minor defects and improves the performance on Windows, especially for for large files.

    Noteworthy also: the default expiration time period for new public keys has been increased to 3 years and that there is a new PKCS#12 parser (yes GnuPG's gpgsm can do CMS for S/MiME ;) ).

    Announcement: lists.gnupg.org/pipermail/gnup
    Release Issue: dev.gnupg.org/T6509

    #EndtoEndCrypto #FreeSoftware #OpenPGP

  48. @fsf Thanks for promoting a decentral comunication solution - email and OpenPGP with GnuPG! As for the guide,: keyservers and the web of trust have lost quite a bit of relevance in recent years. What would be really cool is to select an email provider that offers the pubkeys via the web key directory. wiki.gnupg.org/WKD and bring your public key up there. #GnuPG #FreeSoftware #EndtoEndCrypto

  49. As #GnuPG user, get v2.2.36 (LTS), v2.3.7 or a fix from your GNU/Linux distribution! There is a nasty defect when transferring the verification status of a signature to the using application. With preconditions a signature can be forged.
    lists.gnupg.org/pipermail/gnup
    lists.gnupg.org/pipermail/gnup
    There is also a new #Gpg4win v4.0.3 release. #Security #EndtoEndCrypto #FreeSoftware

    For a third party desrcription see ubuntu.com/security/CVE-2022-3