Re: Forward gpg-agent to container

On 2018-06-10 at 18:05 +0200, Benjamin Kircher wrote: > This gives me > > gpg: can't connect to the agent: IPC connect call failed > > from within the container. > > Command lines that led to this output are: > > $ docker run --volume $(gpgconf --list-dirs > agent-extra-socket):/root/.gnup

Re: Hard to find alternate source of checksums

On 6/11/18, NdK wrote: > Il 09/06/2018 19:08, Jeff Martin ha scritto: >> For a fresh install of GnuPG, I was following the integrity check >> directions. I have no prior version for GnuPG. > Why not fetch some (unrelated) live distributions, possibly some older > ones and some newer ones? > > GPG

Re: v1.4.22: re--importing --export'ed key from --export-secret-subkeys dir cannot --encrypt

A nice Monday afternoon i wish, i have a post scriptum. Steffen Nurpmeso wrote in <20180604134413.sljyg%stef...@sdaoden.eu>: |Last saturday i search/stumbled over an interesting Debian page |(Subkey.html) which describes how to generate a dedicated siging |subkeys, and how to create a new key p

Expire a single UID

Hi, On 06/11/2018 09:30 AM, Max-Julian Pogner wrote: > *) should i revoke the uid on the old key? => However, as far as i > know, the secret key is not / was never compromised. This is probably the best option in my opinion, since you will no longer use that key with this email address. Revokin

Re: [Announce] [security fix] GnuPG 2.2.8 released (CVE-2018-12020)

On Mon, 11 Jun 2018 10:06, marco.maggi-i...@poste.it said: > I fixed this by upgrading to the latest libgpg-error. This means the > gnupg package does not detect the installed libgpg-error version > correctly? Merge fault, sorry. See https://dev.gnupg.org/T4012 for a fix. Salam-Sha

Re: [Announce] [security fix] GnuPG 2.2.8 released (CVE-2018-12020)

On Mon, 11 Jun 2018 11:07, pe...@digitalbrains.com said: > attempt to decrypt the block in the first message by Werner, as soon as > it was part of a quote, starting with "> ", Enigmail will try to > process it. Type in the passphrase "abc" without quotes, and you'll I'd call that a TB bug. Th

Re: [Announce] [security fix] GnuPG 2.2.8 released (CVE-2018-12020)

I did NOT encrypt the Message, just signed it with my PGP-Key - This message is now without sign or encrypt Am 2018-06-10 um 22:50 schrieb Jean-David Beyer: > On 06/10/2018 01:25 PM, Juergen Bruckner wrote: >> Hello Werner, >> >> i Use Linux Mint 18.3 with GnuPG 2.1.11; which is the easiest way to

Expire a single UID

Hello there! I have quite a problem with properly bisecting a UID from my key. Maybe someone can help me? Here's the situation: This is currently my GnuPG-Key, and will remain my primar key: https://pgp.mit.edu/pks/lookup?op=get&search=0x2D40BDB44401A8AA https://pogner.at/gnupg/0x2D40BDB44401A8A

Re: [Announce] [security fix] GnuPG 2.2.8 released (CVE-2018-12020)

> (Could you please trim your quotes? Incidentally, this would have > prevented the problem in the first place, both on the first and on your > reply). > Thanks for the hint > It would appear that at least Enigmail (mine is from Debian > stable/stretch) ignores an inline encrypted block if it is

Re: [Announce] [security fix] GnuPG 2.2.8 released (CVE-2018-12020)

(Could you please trim your quotes? Incidentally, this would have prevented the problem in the first place, both on the first and on your reply). On 10/06/18 22:50, Jean-David Beyer wrote: > It says part of your message to me was encrypted and prompted me for my > passphrase, but it must not have

Re: Hard to find alternate source of checksums

Il 09/06/2018 19:08, Jeff Martin ha scritto: > For a fresh install of GnuPG, I was following the integrity check > directions. I have no prior version for GnuPG. Why not fetch some (unrelated) live distributions, possibly some older ones and some newer ones? GPG is usually included and you can use

Re: [Announce] [security fix] GnuPG 2.2.8 released (CVE-2018-12020)

"Marco Maggi" wrote: >mainproc.c:686:14: error: 'GPGRT_LOGLVL_INFO' undeclared (first use in this >function); did you mean 'GPGRT_LOG_INFO'? I fixed this by upgrading to the latest libgpg-error. This means the gnupg package does not detect the installed libgpg-error version correctly?

Re: [Announce] [security fix] GnuPG 2.2.8 released (CVE-2018-12020)

Hello, two fixes for the anouncement: >CVE-2018-12020 was assigned to this bug; GnuPG tracks > it at . https://dev.gnupg.org/T4012 > and pass to this pipeline > > gpg --no-options -vd 2>&1 | grep '^\[GNUPG:] INJECTED' enter the needed passphrase 'abc' in your pi

Re: [Announce] [security fix] GnuPG 2.2.8 released (CVE-2018-12020)

Ciao, running"make" failswithundeclaredsymbol.Onmy x86_64-pc-linux-gnu (Slackware) I downloaded: https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.8.tar.bz2 configured with: configure --prefix=/usr/local --libdir=/usr/local/lib64 CFLAGS=-O3 I get this report: