Re: Keyring corruption with GnuPG 2.1.20

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Re: Keyring corruption with GnuPG 2.1.20

Daniel Kahn Gillmor-7
On Wed 2017-05-10 14:56:20 +0200, Justus Winter wrote:

> unfortunately, GnuPG 2.1.20 has a bug that can lead to keyring
> corruptions when updating or deleting keys.
 [...]
> If you are using GnuPG 2.1.20 with the keyring format, a workaround is
> to convert your keyring to a keybox.  For this, follow:
>
> https://www.gnupg.org/faq/whats-new-in-2.1.html#keybox
>
> (Hat-tip to bmhatfield for the idea.)

on debian and derived systems, you can also use the helper tool:

   migrate-pubring-from-classic-gpg

which should be slightly more robust and also simpler to use than the
multistep sequence outlined in the FAQ.

> For more information see:
>
> https://dev.gnupg.org/T3123
>
> Packagers, please cherry-pick the following fix:
>
> https://dev.gnupg.org/rG22739433e98be80e46fe7d01d52a9627c1aebaae

Debian-specific note: 2.1.20 is only in debian's experimental
repository; the above patch should be present in 2.1.20-4, which was
uploaded to the experimental repo yesterday.  If you're running any
previous version of 2.1.20 from experimental, please upgrade!

thanks for the heads-up, Justus!

        --dkg

_______________________________________________
Gnupg-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-devel

signature.asc (847 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Keyring corruption with GnuPG 2.1.20

Dominyk Tiller
Hey folks,

Are there any plans for an imminent 2.1.21 with that fix in? It seems
like a pretty major hiccup.

Easy enough to apply the fix to Homebrew's formula for gnupg (which a
while back switched to tracking the 2.1 instead of 2.0 branch) but may
be worth brew holding off on that if a release is imminent.

Dom
===
Sent from macOS.

If you wish to communicate more securely my PGP Public Key is at:
https://pgp.mit.edu/pks/lookup?search=0xE5F21DD98E4DF470&op=index

On 11/05/2017 21:28, Daniel Kahn Gillmor wrote:

> On Wed 2017-05-10 14:56:20 +0200, Justus Winter wrote:
>
>> unfortunately, GnuPG 2.1.20 has a bug that can lead to keyring
>> corruptions when updating or deleting keys.
>  [...]
>> If you are using GnuPG 2.1.20 with the keyring format, a workaround is
>> to convert your keyring to a keybox.  For this, follow:
>>
>> https://www.gnupg.org/faq/whats-new-in-2.1.html#keybox
>>
>> (Hat-tip to bmhatfield for the idea.)
>
> on debian and derived systems, you can also use the helper tool:
>
>    migrate-pubring-from-classic-gpg
>
> which should be slightly more robust and also simpler to use than the
> multistep sequence outlined in the FAQ.
>
>> For more information see:
>>
>> https://dev.gnupg.org/T3123
>>
>> Packagers, please cherry-pick the following fix:
>>
>> https://dev.gnupg.org/rG22739433e98be80e46fe7d01d52a9627c1aebaae
>
> Debian-specific note: 2.1.20 is only in debian's experimental
> repository; the above patch should be present in 2.1.20-4, which was
> uploaded to the experimental repo yesterday.  If you're running any
> previous version of 2.1.20 from experimental, please upgrade!
>
> thanks for the heads-up, Justus!
>
>         --dkg
>
>
>
> _______________________________________________
> Gnupg-devel mailing list
> [hidden email]
> http://lists.gnupg.org/mailman/listinfo/gnupg-devel
>

_______________________________________________
Gnupg-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-devel

signature.asc (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Keyring corruption with GnuPG 2.1.20

Justus Winter
Dominyk Tiller <[hidden email]> writes:

> Are there any plans for an imminent 2.1.21 with that fix in? It seems
> like a pretty major hiccup.

https://dev.gnupg.org/T3150

Justus

_______________________________________________
Gnupg-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-devel

signature.asc (497 bytes) Download Attachment