Download GnuPG 2.3.2

Version 2.3.2 of GnuPG has been released. GnuPG stands for GNU Privacy Guard and is also often abbreviated to GPG. This is a collection of tools for securing communication flows and data. It can be used to encrypt data and create digital signatures, and to provide a framework for public key cryptography. It supports both OpenPGP and s/mime standards. For more information, please refer to this page. The main changes made in this release are listed below.

Noteworthy changes in version 2.3.2:

• gpg: Allow fingerprint based lookup with –locate-external-key. [rGec36eca08c]
• gpg: Allow decryption w/o public key but with correct card inserted. [rG50293ec2eb]
• gpg: Auto import keys specified with –trusted-keys. [rG100037ac0f]
• gpg: Do not use import-clean for LDAP keyserver imports. [T5387]
• gpg: Fix mailbox based search via AKL keyserver method. [rG4fcfac6feb]
• gpg: Fix memory corruption with –clearsign introduced with 2.3.1. [T5430]
• gpg: Use a more descriptive prompt for symmetric decryption. [rG6dfae2f402]
• gpg: Improve speed of secret key listing. [rG40da61b89b]
• gpg: Support keygrip search with traditional keyring. [T5469]
• gpg: Let –fetch-key return an exit code on failure. [T5376]
• gpg: Emit the NO_SECKEY status again for decryption. [T5562]
• gpgsm: Support decryption or password-based encryption (pwri). [rGeeb65d3bbd]
• gpgsm: Support AES-GCM decryption. [rG4980fb3c6d]
• gpgsm: Let –dump-cert –show-cert also print an OpenPGP fingerprint. [rG52bbdc731f]
• gpgsm: Fix finding of issuer in use-keyboxd mode. [rG6b76693ff5]
• gpgsm: New option –ldapserver as an alias for –keyserver. [rG89df86157e]
• agent: Use SHA-256 for SSH fingerprint by default. [T5434]
• agent: Fix calling handle_pincache_put. [T5436]
• agent: Fix importing protected secret key. [T5122]
• agent: Fix a regression in agent_get_shadow_info_type. [T5393]
• agent: Add translatable text for Caps Lock hint. [T4950]
• agent: New option –pinentry-formatted-passphrase. [T5517]
• agent: Add checkpin inquiry for pinentry. [T5517,T5532]
• agent: New option –check-sym-passphrase-pattern. [T5517]
• agent: Use the sysconfdir for a pattern file.
• agent: Make QT_QPA_PLATFORMTHEME=qt5ct work for the pinentry. [rG1305baf099]
• dirmngr: LDAP search by a mailbox now ignores revoked keys. [rG1406f551f1]
• dirmngr: For KS_SEARCH return the fingerprint also with LDAP. [T5441]
• dirmngr: Allow for non-URL specified ldap keyservers. [T5452]
• dirmngr: New option –ldapserver. [rG52cf32ce2f]
• dirmngr: Fix regression in KS_GET for mail address pattern. [T5497]
• card: New option –shadow for the list command. [rG2fce99d73a]
• tests: Make sure the built keyboxd is used. [T5406]
• scd: Fix computing shared secrets for 512 bit curves. [rG9e24f2a45c]
• scd: Fix unlock PIN by a Reset Code with KDF. [T5413]
• scd: Fix PC/SC removed card problem. [rG8d81fd7c01]
• scd: Recover the partial match for PORTSTR for PC/SC. [rG53bdc6288f]
• scd: Make sure to release the PC/SC context. [T5416]
• scd: Fix zero-byte handling in ECC. [T5163]
• scd: Fix serial number detection for Yubikey 5. [T5442]
• scd: Add basic support for AET JCOP cards. [rG544ec7872a]
• scd: Detect external interference when –pcsc-shared is in use. [T5484]
• scd: Fix access to the list of cards. [T5524]
• gpgconf: Do not list a disabled tpm2d. [T5408]
• gpgconf: Make runtime changes with different homedir work. [rG31c0aa2ff3]
• keyboxd: Fix searching for exact mail adddress. [rGf79e9540ca]
• keyboxd: Fix searching with multiple patterns. [rG101ba4f18a]
• gpgtar: Fix file size computation under Windows. [rG14e36bdbe1]
• tools: Extend gpg-check-pattern. [rG73c03e0232]
• wkd: Fix client issue with leading or trailing spaces in user-ids. [rGb4345f7521]
• Under Windows add a fallback in case the console can’t cope with Unicode. [T5491]
• Under Windows use LOCAL_APPDATA for the socket directory. [T5537]
• Pass XDG_SESSION_TYPE and QT_QPA_PLATFORM envvars to Pinentry. [T3659]
• Change the default keyserver to keyserver.ubuntu.com. This is a temporary change due to the shutdown of the SKS keyserver pools. [rG55b5928099]