aboutsummaryrefslogtreecommitdiffstats
path: root/NEWS (unfollow)
Commit message (Collapse)AuthorFilesLines
2013-07-25Release 1.4.14.gnupg-1.4.14Werner Koch1-2/+2
2013-07-25Mitigate a flush+reload cache attack on RSA secret exponents.Werner Koch1-0/+9
* mpi/mpi-pow.c (mpi_powm): Always perform the mpi_mul for exponents hold in secure memory. -- The attack is described in a paper to be pusblished at eprint.iacr.org: Flush+Reload: a High Resolution, Low Noise, L3 Cache Side-Channel Attack by Yuval Yarom and Katrina Falkner. 18 July 2013. Flush+Reload is a cache side-channel attack that monitors access to data in shared pages. In this paper we demonstrate how to use the attack to extract private encryption keys from GnuPG. The high resolution and low noise of the Flush+Reload attack enables a spy program to recover over 98% of the bits of the private key in a single decryption or signing round. Unlike previous attacks, the attack targets the last level L3 cache. Consequently, the spy program and the victim do not need to share the execution core of the CPU. The attack is not limited to a traditional OS and can be used in a virtualised environment, where it can attack programs executing in a different VM. Signed-off-by: Werner Koch <[email protected]>
2012-12-20Post release updatesWerner Koch1-0/+4
--
2012-12-20Release 1.4.13.gnupg-1.4.13Werner Koch1-3/+4
2012-11-08Support the not anymore patented IDEA cipher algorithm.Werner Koch1-0/+8
* cipher/idea.c: New. Take from Libgcrypt master and adjust for direct use in GnuPG. * cipher/idea-stub.c: Remove. * cipher/Makefile.am: Add idea.c and remove idea-stub.c rules. * configure.ac: Remove idea-stub code. * g10/gpg.c (check_permissions): Remove code path for ITEM==2. (main): Make --load-extension a dummy option. * g10/keygen.c (keygen_set_std_prefs): Include IDEA only in PGP2 compatibility mode. * g10/misc.c (idea_cipher_warn): Remove. Also remove all callers. * g10/seckey-cert.c (do_check): Remove emitting of STATUS_RSA_OR_IDEA. * g10/status.c (get_status_string): Remove STATUS_RSA_OR_IDEA. * g10/status.h (STATUS_RSA_OR_IDEA): Remove. -- To keep the number of actually used algorithms low, we support IDEA only in a basically read-only way (unless --pgp2 is used during key generation). It does not make sense to suggest the use of this old 64 bit blocksize algorithm. However, there is old data available where it might be helpful to have IDEA available.
2012-01-30Release 1.4.12gnupg-1.4.12Werner Koch1-1/+18
2012-01-10Allow use of a standard space separated fingerprint.Werner Koch1-21/+24
We allow a single or a double space in the middle of the fingerprint to help with c+p fingerprints from an HTML pages which are not being enclosed in a "pre" tag. * g10/getkey.c (classify_user_id): Check for space separated GPG fingerprint. -- This is a backport of commit 957fe72 and 372fb4f.
2010-10-18Post release updatesWerner Koch1-0/+5
2010-10-18Prepare for 1.4.11Werner Koch1-3/+3
2010-09-23Preparing a release candidateWerner Koch1-1/+1
2010-08-31Minor fixesWerner Koch1-0/+2
2010-06-01Ignore some GnuPG-2 only options.Werner Koch1-0/+1
2010-05-12Fix bug 1179Werner Koch1-0/+1
2009-09-02Post release version number bumpWerner Koch1-0/+4
2009-09-02Preparing 1.4.10.Werner Koch1-1/+1
2009-08-13* NEWS: Note Camellia and hkps.David Shaw1-0/+4
2009-08-03(no commit message)Werner Koch1-3/+8
2009-07-21First set of changes to backport the new card code from 2.0.Werner Koch1-0/+4
For compatibility reasons a few new files had to be added. Also added estream-printf as this is now used in app-openpgp.c and provides a better and generic asprintf implementation than the hack we used for the W32 code in ttyio.c. Card code is not yet finished.
2009-05-06Fix for bug#1034.Werner Koch1-0/+2
2009-05-05Improve dotlocking.Werner Koch1-0/+2
Implement locking for W32.
2008-12-11Change the SIG_ID computation to match 2.0.10.Werner Koch1-0/+2
2008-04-30Ignore gpg2 introduced keywords for --auto-key-locate.Werner Koch1-1/+1
Minor W32 installer fix.
2008-03-26Post release version number bump.Werner Koch1-0/+5
2008-03-26prepare a release.gnupg-1.4.9Werner Koch1-2/+3
2008-03-25Change default keyserver.Werner Koch1-0/+1
2008-03-22Improved AES performance.Werner Koch1-0/+8
2007-12-20Preparing a releaseWerner Koch1-1/+1
2007-12-17Fixd a W32 problems with ldaps.Werner Koch1-1/+6
2007-12-13* NEWS: Note SHA-224 typo.David Shaw1-1/+4
2007-12-12Updated ZH po file.Werner Koch1-1/+8
Allow de/encryption using legacy type 20 keys. Updated config.{sub,guess}
2007-11-18* NEWS: Say a bit more about RFC-4880. Note some defaults changing.David Shaw1-2/+11
2007-11-16Preparing a release candidategnupg-1.4.8rc1Werner Koch1-0/+4
2007-10-23Switched to GPLv3.Werner Koch1-0/+1
Updated gettext.
2007-08-24Improved detection of ketrings specified several times.Werner Koch1-1/+2
2007-07-09Add an extra warning for Camellia.Werner Koch1-0/+4
Minor W32 fix Address change.
2007-04-16util/Werner Koch1-1/+1
* secmem.c (init_pool): Avoid assigning a negative value to a size_t. ./ * acinclude.m4: Fix last change. Make test self-conatined by checking for sysconf and getpagesize. Remove indentation for the sake of broken C-89 cpps.
2007-03-05Post release updateWerner Koch1-0/+4
2007-03-05Preparing 1.4.7gnupg-1.4.7Werner Koch1-2/+12
2007-02-26[W32] Make use of the LANGUAGE envvar.Werner Koch1-0/+5
2006-12-06Post release updatesWerner Koch1-0/+4
2006-12-06Preparing a releasegnupg-1.4.6Werner Koch1-3/+8
2006-12-03* NEWS: Note the CVE for bug#728, --s2k-count, --passphrase-repeat,David Shaw1-3/+20
and the OpenSSL exception.
2006-11-29Preparing an RCWerner Koch1-0/+2
2006-10-02fix for bug 537 and documentation fixes.Werner Koch1-0/+3
2006-08-01Post release updates.Werner Koch1-0/+4
2006-08-01Preparing 1.4.5Werner Koch1-1/+1
2006-07-28Preparing a release candidategnupg-1.4.5rc1Werner Koch1-1/+9
2006-07-26Fixed memory allocation bug and typos.Werner Koch1-0/+2
2006-06-25Post release version updateWerner Koch1-0/+4
2006-06-25Typo fixWerner Koch1-1/+1
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-27 07:15:41 +0000