Main usability concerns:
- CAST5 -> AES for symmetric encryption
- MD5 sigs rejected by default

I intend to commit this soon, but tests are welcome. I'm not sure whether the RNG bug is critical or not, but a fix for -stable is planned.

Noteworthy changes in version 1.4.21 (2016-08-17)
-------------------------------------------------

 * Fix critical security bug in the RNG [CVE-2016-6313].  An attacker
   who obtains 580 bytes from the standard RNG can trivially predict
   the next 20 bytes of output.  Problem detected by Felix Dörre and
   Vladimir Klebanov, KIT.

 * Tweak default options for gpgv.

 * By default do not anymore emit the GnuPG version with --armor.

Noteworthy changes in version 1.4.20 (2015-12-20)
-------------------------------------------------

 * Reject signatures made using the MD5 hash algorithm unless the
   new option --allow-weak-digest-algos or --pgp2 are given.

 * New option --weak-digest to specify hash algorithms which
   should be considered weak.

 * Changed default cipher for symmetric-only encryption to AES-128.

 * Fix for DoS when importing certain garbled secret keys.

 * Improved error reporting for secret subkey w/o corresponding
   public subkey.

 * Improved error reporting in decryption due to wrong algorithm.

 * Fix cluttering of stdout with trustdb info in double verbose
   mode.

 * Pass a DBUS envvar to gpg-agent for use by gnome-keyring.

-- 
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
