[prev in list] [next in list] [prev in thread] [next in thread]
List: gnupg-devel
Subject: Re: [Announce] GnuPG 2.2.18 released
From: ilf <ilf () zeromail ! org>
Date: 2019-11-30 7:00:27
Message-ID: 20191130070027.GA3555115 () zeromail ! org
[Download RAW message or body]
Thanks for the new release.
I run "gpg --check-trustdb --quiet" via cron, but now on every run it
outputs:
> gpg: Note: third-party key signatures using the SHA1 algorithm
> are rejected
man gpg(1) sais:
> -q, --quiet
> Try to be as quiet as possible.
IMHO, gpg should not output that line when used with --quiet.
Best
Werner Koch via Gnupg-devel:
> This release also retires the use of SHA-1 key signatures created
> since this year.
> * gpg: Prepare against chosen-prefix SHA-1 collisions in key
> signatures. This change removes all SHA-1 based key signature
> newer than 2019-01-19 from the web-of-trust. Note that this
> includes all key signature created with dsa1024 keys. The new
> option --allow-weak-key-signatues can be used to override the new
> and safer behaviour. [#4755,CVE-2019-14855]
--
ilf
If you upload your address book to "the cloud", I don't want to be in it.
_______________________________________________
Gnupg-devel mailing list
Gnupg-devel@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic