2 files changed, 24 insertions, 5 deletions

diff --git a/NEWS b/NEWS
index aed90e634..5e2de7fdd 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,20 @@
-Noteworthy changes in version 2.0.24 (unreleased)
+Noteworthy changes in version 2.0.24 (2014-06-24)
 -------------------------------------------------
 
+ * gpg: Avoid DoS due to garbled compressed data packets.
+
+ * gpg: Screen keyserver responses to avoid importing unwanted keys
+   from rogue servers.
+
+ * gpg: The validity of user ids is now shown by default.  To revert
+   this add "list-options no-show-uid-validity" to gpg.conf.
+
+ * gpg: Print more specific reason codes with the INV_RECP status.
+
+ * gpg: Allow loading of a cert only key to an OpenPGP card.
+
+ * gpg-agent: Make ssh support for ECDSA keys work with Libgcrypt 1.6.
+
 
 Noteworthy changes in version 2.0.23 (2014-06-03)
 -------------------------------------------------
diff --git a/doc/gpg.texi b/doc/gpg.texi
index 9a6782a43..d66259e6e 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -2330,12 +2330,17 @@ a message that PGP 2.x will not be able to handle. Note that `PGP
 2.x' here means `MIT PGP 2.6.2'. There are other versions of PGP 2.x
 available, but the MIT release is a good common baseline.
 
-This option implies @option{--rfc1991 --disable-mdc
---no-force-v4-certs --escape-from-lines --force-v3-sigs
+This option implies
+@ifset gpgone
+@option{--rfc1991 --disable-mdc --no-force-v4-certs
+--escape-from-lines --force-v3-sigs
+--cipher-algo IDEA --digest-algo MD5 --compress-algo ZIP}.
+@end ifset
 @ifclear gpgone
---allow-weak-digest-algos
-@end ifclear
+@option{--rfc1991 --disable-mdc --no-force-v4-certs
+--escape-from-lines --force-v3-sigs --allow-weak-digest-algos
 --cipher-algo IDEA --digest-algo MD5 --compress-algo ZIP}.
+@end ifclear
 It also disables @option{--textmode} when encrypting.
 
 @item --pgp6