Download GnuPG 2.2.20

Version 2.2.20 of GnuPG has been released. GnuPG stands for GNU Privacy Guard and is also often abbreviated to GPG. This is a collection of tools for securing communication flows and data. It can be used to encrypt data and create digital signatures, and to provide a framework for public key cryptography. It supports both OpenPGP and s/mime standards. For more information, please refer to this page. The main changes made in this release are listed below.

Noteworthy changes in version 2.2.20

• Protect the error counter against overflow to guarantee that the tools can’t be tricked into returning success after an error.
• gpg: Make really sure that –verify-files always returns an error.
• gpg: Fix key listing –with-secret if a pattern is given. [#4061]
• gpg: Fix detection of certain keys used as default-key. [#4810]
• gpg: Fix default-key selection when a card is available. [#4850]
• gpg: Fix key expiration and key usage for keys created with a creation date of zero. [#4670]
• gpgsm: Fix import of some CR,LF terminated certificates. [#4847]
• gpg: New options –include-key-block and –auto-key-import to allow encrypted replies after an initial signed message. [#4856]
• gpg: Allow the use of a fingerprint with –trusted-key. [#4855]
• gpg: New property “fpr” for use by –export-filter.
• scdaemon: Disable the pinpad if a KDF DO is used. [#4832]
• dirmngr: Improve finding OCSP certificates. [#4536]
• Avoid build problems with LTO or gcc-10. [#4831]